Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Computer Verschlüsselungstrojaner (https://www.trojaner-board.de/117000-computer-verschluesselungstrojaner.html)

cosinus 21.06.2012 19:47
Starte Windows neu im abgesicherten Modus (mit Netzwerktreibern nach Möglichkeit), manchmal hakt das Fixen mit OTL im normalen Modus aber sehr oft funktioniert der Fix im abgesicherte Modus.

magicfortune 23.06.2012 08:46
Habe den Pc im abgesicherten Modus mit und ohne Netzwerkfreigabe gestartet.

Bei beiden ist das System kurz nach dem Klick auf dem Fix-Button abgestürzt, wieder mit der Fehlermeldung.

Hätte ich beim OTL noch irgenwelche Häkchen o.ä machen müssen.
Habe nur alle Benutzer haken gemacht.

mfg
magicfortune

cosinus 24.06.2012 16:10
Probier es bitte mit diesem Sckript aus

Code:
:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: ffext@webwebweb:1.0.0.449
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=CDS&o=16225&locale=en_US&apn_uid=6789FF94-1B5C-418F-AB67-D056611F19BA&apn_ptnrs=QQ&apn_sauid=B0654D97-0C66-4B09-B061-B47EE50BE6D3&apn_dtid=YYYYYYYYDE&&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
[2010.09.16 19:48:38 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.06.15 17:37:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.05.18 20:00:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.03.28 20:46:06 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.19 21:52:59 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.10.16 13:34:48 | 000,000,000 | ---D | M] (Webfetti) -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\7dffxtbr@Webfetti.com
[2012.05.24 22:42:22 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Désirée\AppData\Roaming\mozilla\Firefox\Profiles\gjpz37rw.default\extensions\toolbar@ask.com
[2012.06.14 21:48:04 | 000,002,572 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\askcom.xml
[2012.06.10 16:55:55 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-1.xml
[2011.12.18 20:03:20 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-10.xml
[2012.01.02 21:24:32 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-11.xml
[2012.01.18 23:27:21 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-12.xml
[2012.02.18 21:29:21 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-13.xml
[2012.02.26 11:15:12 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-14.xml
[2012.02.26 11:22:54 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-15.xml
[2012.03.28 20:46:12 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-16.xml
[2012.05.06 10:51:49 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-17.xml
[2012.05.13 13:48:01 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-18.xml
[2012.06.08 21:04:19 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-19.xml
[2011.06.16 10:34:03 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-2.xml
[2011.08.02 15:23:19 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-3.xml
[2011.08.26 18:29:56 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-4.xml
[2011.09.11 19:14:01 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-5.xml
[2011.09.15 10:34:20 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-6.xml
[2011.10.01 16:04:14 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-7.xml
[2011.10.11 19:50:07 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-8.xml
[2011.11.09 21:37:04 | 000,000,950 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin-9.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\icqplugin.xml
[2009.08.11 19:23:35 | 000,003,915 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\sweetim.xml
[2011.06.20 23:33:06 | 000,005,218 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\webwebweb.xml
[2009.08.30 16:24:26 | 000,001,201 | ---- | M] () -- C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\searchplugins\winamp-search.xml
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (WebWebWeb) - {BBD43808-9D13-4B0B-B023-178FD1FAE442} - C:\Program Files\WebWebWeb\Plugin\Version_449\link64_plugin.dll File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Programme\icq\Internet Explorer\icq.dll (solute gmbh)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\Shell - "" = AutoRun
O33 - MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\Shell\AutoRun\command - "" = G:\autorun.exe
[2012.06.08 19:00:30 | 000,000,000 | ---D | C] -- C:\Users\Désirée\AppData\Roaming\Rhiycqnu
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:6017A808
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6425A235
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:270A3983
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:5E9B629B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:7FCB9D0D
:Files
C:\Programme\ICQ6Toolbar
C:\Programme\Ask.com
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

magicfortune 24.06.2012 17:39
Habe es probiert aber wieder Systemabsturz im normalen und im abgesicherten Modus.

Hier die Fehlermeldung Windows.

Code:
Problemsignatur:
  Problemereignisname:        BlueScreen
  Betriebsystemversion:        6.1.7601.2.1.0.768.3
  Gebietsschema-ID:        1031

Zusatzinformationen zum Problem:
  BCCode:        f4
  BCP1:        00000003
  BCP2:        88151C08
  BCP3:        88151D74
  BCP4:        82A19DF0
  OS Version:        6_1_7601
  Service Pack:        1_0
  Product:        768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
  C:\Windows\Minidump\062412-33836-01.dmp
  C:\Users\Désirée\AppData\Local\Temp\WER-61323-0.sysdata.xml

Lesen Sie unsere Datenschutzbestimmungen online:
  hxxp://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0407

Wenn die Onlinedatenschutzbestimmungen nicht verfügbar sind, lesen Sie unsere Datenschutzbestimmungen offline:
  C:\Windows\system32\de-DE\erofflps.txt
vllt. hilft es.

Mfg

magicfortune

cosinus 24.06.2012 17:49
Neuer Versuch:

Code:
:OTL
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (WebWebWeb) - {BBD43808-9D13-4B0B-B023-178FD1FAE442} - C:\Program Files\WebWebWeb\Plugin\Version_449\link64_plugin.dll File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Programme\icq\Internet Explorer\icq.dll (solute gmbh)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2186960431-4147355705-1044024285-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\Shell - "" = AutoRun
O33 - MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\Shell\AutoRun\command - "" = G:\autorun.exe
[2012.06.08 19:00:30 | 000,000,000 | ---D | C] -- C:\Users\Désirée\AppData\Roaming\Rhiycqnu
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:6017A808
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:6425A235
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:270A3983
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:5E9B629B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:7FCB9D0D
:Files
C:\Programme\ICQ6Toolbar
C:\Programme\Ask.com
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

magicfortune 24.06.2012 18:14
Hat funktioniert :)

Hier das Log

Code:
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
C:\Programme\Winamp Toolbar\winamptb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBD43808-9D13-4B0B-B023-178FD1FAE442}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBD43808-9D13-4B0B-B023-178FD1FAE442}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE163F11-1919-4257-A280-FF5AF8DAEECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE163F11-1919-4257-A280-FF5AF8DAEECB}\ deleted successfully.
C:\Programme\icq\Internet Explorer\icq.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Programme\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}\ deleted successfully.
C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-2186960431-4147355705-1044024285-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-2186960431-4147355705-1044024285-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2186960431-4147355705-1044024285-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Programme\Ask.com\Updater\Updater.exe moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4a250eb5-82ae-11de-87e0-002433d377d6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4a250eb5-82ae-11de-87e0-002433d377d6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4a250eb5-82ae-11de-87e0-002433d377d6}\ not found.
File G:\autorun.exe not found.
C:\Users\Désirée\AppData\Roaming\Rhiycqnu folder moved successfully.
ADS C:\ProgramData\TEMP:6017A808 deleted successfully.
ADS C:\ProgramData\TEMP:6425A235 deleted successfully.
ADS C:\ProgramData\TEMP:270A3983 deleted successfully.
ADS C:\ProgramData\TEMP:5E9B629B deleted successfully.
ADS C:\ProgramData\TEMP:7FCB9D0D deleted successfully.
========== FILES ==========
File\Folder C:\Programme\ICQ6Toolbar not found.
File\Folder C:\Programme\Ask.com not found.
 
OTL by OldTimer - Version 3.2.49.0 log created on 06242012_191335
MfG

magicfortune

cosinus 24.06.2012 18:16
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

magicfortune 24.06.2012 18:37
Ok hier das TDSS Log

Code:
19:32:52.0848 6056        TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
19:32:53.0051 6056        ============================================================
19:32:53.0051 6056        Current date / time: 2012/06/24 19:32:53.0051
19:32:53.0051 6056        SystemInfo:
19:32:53.0051 6056       
19:32:53.0051 6056        OS Version: 6.1.7601 ServicePack: 1.0
19:32:53.0051 6056        Product type: Workstation
19:32:53.0051 6056        ComputerName: DÉSIRÉE-PC
19:32:53.0051 6056        UserName: Désirée
19:32:53.0051 6056        Windows directory: C:\Windows
19:32:53.0051 6056        System windows directory: C:\Windows
19:32:53.0051 6056        Processor architecture: Intel x86
19:32:53.0051 6056        Number of processors: 2
19:32:53.0051 6056        Page size: 0x1000
19:32:53.0051 6056        Boot type: Normal boot
19:32:53.0051 6056        ============================================================
19:32:53.0659 6056        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:32:53.0659 6056        ============================================================
19:32:53.0659 6056        \Device\Harddisk0\DR0:
19:32:53.0659 6056        MBR partitions:
19:32:53.0659 6056        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1462800, BlocksNum 0x23FCBAB0
19:32:53.0659 6056        ============================================================
19:32:53.0722 6056        C: <-> \Device\Harddisk0\DR0\Partition0
19:32:53.0722 6056        ============================================================
19:32:53.0722 6056        Initialize success
19:32:53.0722 6056        ============================================================
19:33:27.0230 6020        ============================================================
19:33:27.0230 6020        Scan started
19:33:27.0230 6020        Mode: Manual; SigCheck; TDLFS;
19:33:27.0230 6020        ============================================================
19:33:27.0666 6020        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
19:33:27.0776 6020        1394ohci - ok
19:33:27.0932 6020        ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
19:33:27.0963 6020        ABBYY.Licensing.FineReader.Sprint.9.0 - ok
19:33:28.0056 6020        ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:33:28.0072 6020        ACDaemon - ok
19:33:28.0150 6020        ACPI            (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
19:33:28.0166 6020        ACPI - ok
19:33:28.0228 6020        AcpiPmi        (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
19:33:28.0322 6020        AcpiPmi - ok
19:33:28.0431 6020        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:33:28.0446 6020        AdobeARMservice - ok
19:33:28.0571 6020        AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:33:28.0587 6020        AdobeFlashPlayerUpdateSvc - ok
19:33:28.0680 6020        adp94xx        (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
19:33:28.0712 6020        adp94xx - ok
19:33:28.0758 6020        adpahci        (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
19:33:28.0790 6020        adpahci - ok
19:33:28.0836 6020        adpu320        (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
19:33:28.0852 6020        adpu320 - ok
19:33:28.0899 6020        AeLookupSvc    (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
19:33:28.0961 6020        AeLookupSvc - ok
19:33:29.0055 6020        AFD            (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
19:33:29.0180 6020        AFD - ok
19:33:29.0258 6020        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
19:33:29.0273 6020        agp440 - ok
19:33:29.0351 6020        aic78xx        (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
19:33:29.0382 6020        aic78xx - ok
19:33:29.0445 6020        ALG            (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
19:33:29.0507 6020        ALG - ok
19:33:29.0554 6020        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
19:33:29.0570 6020        aliide - ok
19:33:29.0648 6020        AMD External Events Utility (b19505648f033393e907e2e419fde8b3) C:\Windows\system32\atiesrxx.exe
19:33:29.0726 6020        AMD External Events Utility - ok
19:33:29.0788 6020        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
19:33:29.0804 6020        amdagp - ok
19:33:29.0835 6020        amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
19:33:29.0866 6020        amdide - ok
19:33:29.0928 6020        AmdK8          (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
19:33:29.0991 6020        AmdK8 - ok
19:33:30.0038 6020        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
19:33:30.0084 6020        AmdPPM - ok
19:33:30.0162 6020        amdsata        (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
19:33:30.0178 6020        amdsata - ok
19:33:30.0240 6020        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
19:33:30.0256 6020        amdsbs - ok
19:33:30.0272 6020        amdxata        (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
19:33:30.0287 6020        amdxata - ok
19:33:30.0396 6020        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:33:30.0412 6020        AntiVirSchedulerService - ok
19:33:30.0459 6020        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:33:30.0474 6020        AntiVirService - ok
19:33:30.0537 6020        ApfiltrService  (9159bd0b3f93f4a22264fb3895b4f3f9) C:\Windows\system32\DRIVERS\Apfiltr.sys
19:33:30.0552 6020        ApfiltrService - ok
19:33:30.0615 6020        AppID          (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
19:33:30.0771 6020        AppID - ok
19:33:30.0802 6020        AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
19:33:30.0880 6020        AppIDSvc - ok
19:33:30.0927 6020        Appinfo        (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
19:33:30.0974 6020        Appinfo - ok
19:33:31.0020 6020        arc            (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
19:33:31.0036 6020        arc - ok
19:33:31.0052 6020        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
19:33:31.0067 6020        arcsas - ok
19:33:31.0114 6020        ArcSoftKsUFilter (857b48965a0503b7ab795d4bfe7cbd8b) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
19:33:31.0130 6020        ArcSoftKsUFilter - ok
19:33:31.0145 6020        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
19:33:31.0270 6020        AsyncMac - ok
19:33:31.0317 6020        atapi          (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
19:33:31.0332 6020        atapi - ok
19:33:31.0754 6020        atikmdag        (04f09923a393e4e0e8453a8f78361e73) C:\Windows\system32\DRIVERS\atikmdag.sys
19:33:31.0910 6020        atikmdag - ok
19:33:32.0112 6020        AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
19:33:32.0175 6020        AudioEndpointBuilder - ok
19:33:32.0175 6020        Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
19:33:32.0206 6020        Audiosrv - ok
19:33:32.0315 6020        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
19:33:32.0346 6020        avgntflt - ok
19:33:32.0409 6020        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
19:33:32.0424 6020        avipbb - ok
19:33:32.0456 6020        avkmgr          (53e56450da16a1a7f0d002f511113f67) C:\Windows\system32\DRIVERS\avkmgr.sys
19:33:32.0471 6020        avkmgr - ok
19:33:32.0534 6020        AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
19:33:32.0612 6020        AxInstSV - ok
19:33:32.0690 6020        b06bdrv        (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
19:33:32.0752 6020        b06bdrv - ok
19:33:32.0814 6020        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
19:33:32.0846 6020        b57nd60x - ok
19:33:32.0908 6020        BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
19:33:32.0955 6020        BDESVC - ok
19:33:32.0970 6020        Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
19:33:33.0017 6020        Beep - ok
19:33:33.0080 6020        BFE            (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
19:33:33.0142 6020        BFE - ok
19:33:33.0204 6020        BITS            (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
19:33:33.0282 6020        BITS - ok
19:33:33.0329 6020        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
19:33:33.0345 6020        blbdrive - ok
19:33:33.0407 6020        bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
19:33:33.0454 6020        bowser - ok
19:33:33.0470 6020        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:33:33.0548 6020        BrFiltLo - ok
19:33:33.0579 6020        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:33:33.0594 6020        BrFiltUp - ok
19:33:33.0641 6020        Browser        (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
19:33:33.0704 6020        Browser - ok
19:33:33.0750 6020        Brserid        (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
19:33:33.0797 6020        Brserid - ok
19:33:33.0813 6020        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
19:33:33.0828 6020        BrSerWdm - ok
19:33:33.0844 6020        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:33:33.0875 6020        BrUsbMdm - ok
19:33:33.0891 6020        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
19:33:33.0906 6020        BrUsbSer - ok
19:33:33.0969 6020        BthEnum        (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
19:33:34.0031 6020        BthEnum - ok
19:33:34.0078 6020        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
19:33:34.0125 6020        BTHMODEM - ok
19:33:34.0156 6020        BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
19:33:34.0187 6020        BthPan - ok
19:33:34.0250 6020        BTHPORT        (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\system32\Drivers\BTHport.sys
19:33:34.0312 6020        BTHPORT - ok
19:33:34.0374 6020        bthserv        (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
19:33:34.0421 6020        bthserv - ok
19:33:34.0437 6020        BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\system32\Drivers\BTHUSB.sys
19:33:34.0468 6020        BTHUSB - ok
19:33:34.0499 6020        btwaudio        (cd956dd816d9959748eb787a5121d1e4) C:\Windows\system32\drivers\btwaudio.sys
19:33:34.0499 6020        btwaudio - ok
19:33:34.0562 6020        btwavdt        (4ca1cc3d13466a3e2e9e9119d00aec78) C:\Windows\system32\DRIVERS\btwavdt.sys
19:33:34.0577 6020        btwavdt - ok
19:33:34.0686 6020        btwdins        (fe7fcace3678200ae202eb29c9b6a8e8) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:33:34.0718 6020        btwdins - ok
19:33:34.0749 6020        btwl2cap        (54c2ee0a3cec586629035d771aacae67) C:\Windows\system32\DRIVERS\btwl2cap.sys
19:33:34.0749 6020        btwl2cap - ok
19:33:34.0780 6020        btwrchid        (f857ef2d941530772ae828ecd6d71b22) C:\Windows\system32\DRIVERS\btwrchid.sys
19:33:34.0780 6020        btwrchid - ok
19:33:34.0827 6020        camfilt2        (088c0978203d59425a12b2a53fccd02b) C:\Windows\system32\DRIVERS\camfilt2.sys
19:33:34.0858 6020        camfilt2 - ok
19:33:34.0889 6020        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
19:33:34.0952 6020        cdfs - ok
19:33:35.0014 6020        cdrom          (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
19:33:35.0045 6020        cdrom - ok
19:33:35.0108 6020        CertPropSvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
19:33:35.0154 6020        CertPropSvc - ok
19:33:35.0186 6020        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
19:33:35.0186 6020        circlass - ok
19:33:35.0248 6020        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
19:33:35.0264 6020        CLFS - ok
19:33:35.0342 6020        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:33:35.0373 6020        clr_optimization_v2.0.50727_32 - ok
19:33:35.0435 6020        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:33:35.0482 6020        clr_optimization_v4.0.30319_32 - ok
19:33:35.0513 6020        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
19:33:35.0544 6020        CmBatt - ok
19:33:35.0607 6020        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
19:33:35.0622 6020        cmdide - ok
19:33:35.0700 6020        CNG            (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
19:33:35.0747 6020        CNG - ok
19:33:35.0778 6020        Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
19:33:35.0794 6020        Compbatt - ok
19:33:35.0856 6020        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
19:33:35.0888 6020        CompositeBus - ok
19:33:35.0919 6020        COMSysApp - ok
19:33:35.0934 6020        crcdisk        (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
19:33:35.0950 6020        crcdisk - ok
19:33:35.0997 6020        CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
19:33:36.0059 6020        CryptSvc - ok
19:33:36.0122 6020        DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
19:33:36.0168 6020        DcomLaunch - ok
19:33:36.0215 6020        defragsvc      (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
19:33:36.0293 6020        defragsvc - ok
19:33:36.0340 6020        DfsC            (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
19:33:36.0402 6020        DfsC - ok
19:33:36.0465 6020        Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
19:33:36.0512 6020        Dhcp - ok
19:33:36.0558 6020        discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
19:33:36.0605 6020        discache - ok
19:33:36.0652 6020        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
19:33:36.0668 6020        Disk - ok
19:33:36.0699 6020        DMICall        (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
19:33:36.0699 6020        DMICall - ok
19:33:36.0746 6020        Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
19:33:36.0792 6020        Dnscache - ok
19:33:36.0839 6020        dot3svc        (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
19:33:36.0917 6020        dot3svc - ok
19:33:36.0964 6020        Dot4            (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
19:33:37.0011 6020        Dot4 - ok
19:33:37.0058 6020        Dot4Print      (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\drivers\Dot4Prt.sys
19:33:37.0104 6020        Dot4Print - ok
19:33:37.0120 6020        dot4usb        (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
19:33:37.0151 6020        dot4usb - ok
19:33:37.0198 6020        DPS            (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
19:33:37.0245 6020        DPS - ok
19:33:37.0292 6020        drmkaud        (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
19:33:37.0323 6020        drmkaud - ok
19:33:37.0416 6020        DXGKrnl        (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
19:33:37.0448 6020        DXGKrnl - ok
19:33:37.0494 6020        EapHost        (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
19:33:37.0557 6020        EapHost - ok
19:33:37.0822 6020        ebdrv          (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
19:33:37.0916 6020        ebdrv - ok
19:33:38.0056 6020        EFS            (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
19:33:38.0103 6020        EFS - ok
19:33:38.0212 6020        ehRecvr        (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
19:33:38.0290 6020        ehRecvr - ok
19:33:38.0321 6020        ehSched        (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
19:33:38.0368 6020        ehSched - ok
19:33:38.0493 6020        elxstor        (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
19:33:38.0524 6020        elxstor - ok
19:33:38.0633 6020        EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
19:33:38.0633 6020        EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
19:33:38.0633 6020        EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
19:33:38.0696 6020        EPSON_EB_RPCV4_04 (b92f2b3247f0a99490c1298a1d3d7b4c) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
19:33:38.0742 6020        EPSON_EB_RPCV4_04 - ok
19:33:38.0758 6020        EPSON_PM_RPCV4_04 (651336b99c75fb54e4b5971cf458f9bd) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
19:33:38.0805 6020        EPSON_PM_RPCV4_04 - ok
19:33:38.0836 6020        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
19:33:38.0867 6020        ErrDev - ok
19:33:38.0945 6020        EventSystem    (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
19:33:39.0008 6020        EventSystem - ok
19:33:39.0148 6020        EvtEng          (ba6063e3375f9bc11a9c8450a7f61e70) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:33:39.0195 6020        EvtEng ( UnsignedFile.Multi.Generic ) - warning
19:33:39.0195 6020        EvtEng - detected UnsignedFile.Multi.Generic (1)
19:33:39.0226 6020        exfat          (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
19:33:39.0288 6020        exfat - ok
19:33:39.0304 6020        fastfat        (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
19:33:39.0351 6020        fastfat - ok
19:33:39.0460 6020        Fax            (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
19:33:39.0522 6020        Fax - ok
19:33:39.0538 6020        fdc            (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
19:33:39.0569 6020        fdc - ok
19:33:39.0600 6020        fdPHost        (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
19:33:39.0647 6020        fdPHost - ok
19:33:39.0663 6020        FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
19:33:39.0710 6020        FDResPub - ok
19:33:39.0725 6020        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
19:33:39.0741 6020        FileInfo - ok
19:33:39.0756 6020        Filetrace      (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
19:33:39.0788 6020        Filetrace - ok
19:33:39.0803 6020        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
19:33:39.0834 6020        flpydisk - ok
19:33:39.0897 6020        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
19:33:39.0912 6020        FltMgr - ok
19:33:39.0990 6020        FontCache      (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
19:33:40.0068 6020        FontCache - ok
19:33:40.0178 6020        FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:33:40.0193 6020        FontCache3.0.0.0 - ok
19:33:40.0240 6020        FsDepends      (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
19:33:40.0256 6020        FsDepends - ok
19:33:40.0302 6020        fssfltr        (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
19:33:40.0318 6020        fssfltr - ok
19:33:40.0443 6020        fsssvc          (45b52394f9624237f33a8a3d73c0b221) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
19:33:40.0474 6020        fsssvc - ok
19:33:40.0505 6020        Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
19:33:40.0521 6020        Fs_Rec - ok
19:33:40.0583 6020        fvevol          (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
19:33:40.0614 6020        fvevol - ok
19:33:40.0646 6020        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:33:40.0661 6020        gagp30kx - ok
19:33:40.0724 6020        GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
19:33:40.0739 6020        GoogleDesktopManager-051210-111108 - ok
19:33:40.0848 6020        gpsvc          (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
19:33:40.0895 6020        gpsvc - ok
19:33:40.0911 6020        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
19:33:40.0973 6020        hcw85cir - ok
19:33:41.0036 6020        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
19:33:41.0082 6020        HDAudBus - ok
19:33:41.0098 6020        HidBatt        (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
19:33:41.0129 6020        HidBatt - ok
19:33:41.0145 6020        HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
19:33:41.0192 6020        HidBth - ok
19:33:41.0223 6020        HidIr          (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
19:33:41.0238 6020        HidIr - ok
19:33:41.0285 6020        hidserv        (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
19:33:41.0316 6020        hidserv - ok
19:33:41.0332 6020        HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
19:33:41.0348 6020        HidUsb - ok
19:33:41.0394 6020        hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
19:33:41.0457 6020        hkmsvc - ok
19:33:41.0504 6020        HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
19:33:41.0550 6020        HomeGroupListener - ok
19:33:41.0613 6020        HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
19:33:41.0660 6020        HomeGroupProvider - ok
19:33:41.0784 6020        hpqcxs08        (fcb563b0a23643e5f80b6ff1e60f610f) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:33:41.0816 6020        hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
19:33:41.0816 6020        hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
19:33:41.0847 6020        hpqddsvc        (25e443e27165c652723a92d9bdfd4649) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:33:41.0862 6020        hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
19:33:41.0862 6020        hpqddsvc - detected UnsignedFile.Multi.Generic (1)
19:33:41.0925 6020        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
19:33:41.0940 6020        HpSAMD - ok
19:33:41.0956 6020        HSF_DPV - ok
19:33:41.0956 6020        HSXHWAZL - ok
19:33:42.0034 6020        HTTP            (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
19:33:42.0081 6020        HTTP - ok
19:33:42.0112 6020        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
19:33:42.0128 6020        hwpolicy - ok
19:33:42.0159 6020        hxctlflt        (f02ea43ae8f936124debf5b87f12c795) C:\Windows\system32\DRIVERS\hxctlflt.sys
19:33:42.0206 6020        hxctlflt - ok
19:33:42.0268 6020        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
19:33:42.0284 6020        i8042prt - ok
19:33:42.0346 6020        iaStor          (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys
19:33:42.0362 6020        iaStor - ok
19:33:42.0424 6020        iaStorV        (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
19:33:42.0440 6020        iaStorV - ok
19:33:42.0564 6020        ICQ Service    (7a95a3ad931b97fec5067e40636ce37f) C:\Program Files\ICQ6Toolbar\ICQ Service.exe
19:33:42.0596 6020        ICQ Service - ok
19:33:42.0767 6020        idsvc          (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:33:42.0814 6020        idsvc - ok
19:33:42.0970 6020        iirsp          (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
19:33:43.0001 6020        iirsp - ok
19:33:43.0110 6020        IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
19:33:43.0188 6020        IKEEXT - ok
19:33:43.0391 6020        IntcAzAudAddService (3aa1f82efa2b0454af163124c9920d16) C:\Windows\system32\drivers\RTKVHDA.sys
19:33:43.0438 6020        IntcAzAudAddService - ok
19:33:43.0641 6020        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
19:33:43.0672 6020        intelide - ok
19:33:43.0703 6020        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
19:33:43.0750 6020        intelppm - ok
19:33:43.0781 6020        IPBusEnum      (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
19:33:43.0828 6020        IPBusEnum - ok
19:33:43.0844 6020        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:33:43.0906 6020        IpFilterDriver - ok
19:33:43.0984 6020        iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
19:33:44.0031 6020        iphlpsvc - ok
19:33:44.0062 6020        IPMIDRV        (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
19:33:44.0109 6020        IPMIDRV - ok
19:33:44.0140 6020        IPNAT          (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
19:33:44.0202 6020        IPNAT - ok
19:33:44.0234 6020        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
19:33:44.0249 6020        IRENUM - ok
19:33:44.0280 6020        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
19:33:44.0296 6020        isapnp - ok
19:33:44.0327 6020        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
19:33:44.0358 6020        iScsiPrt - ok
19:33:44.0452 6020        IviRegMgr      (213822072085b5bbad9af30ab577d817) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
19:33:44.0468 6020        IviRegMgr - ok
19:33:44.0499 6020        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
19:33:44.0514 6020        kbdclass - ok
19:33:44.0546 6020        kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
19:33:44.0592 6020        kbdhid - ok
19:33:44.0624 6020        KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:33:44.0639 6020        KeyIso - ok
19:33:44.0655 6020        KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
19:33:44.0670 6020        KSecDD - ok
19:33:44.0686 6020        KSecPkg        (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
19:33:44.0702 6020        KSecPkg - ok
19:33:44.0748 6020        KtmRm          (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
19:33:44.0780 6020        KtmRm - ok
19:33:44.0826 6020        LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
19:33:44.0873 6020        LanmanServer - ok
19:33:44.0920 6020        LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
19:33:44.0982 6020        LanmanWorkstation - ok
19:33:45.0045 6020        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
19:33:45.0107 6020        lltdio - ok
19:33:45.0154 6020        lltdsvc        (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
19:33:45.0185 6020        lltdsvc - ok
19:33:45.0185 6020        lmhosts        (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
19:33:45.0216 6020        lmhosts - ok
19:33:45.0248 6020        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:33:45.0263 6020        LSI_FC - ok
19:33:45.0310 6020        LSI_SAS        (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:33:45.0326 6020        LSI_SAS - ok
19:33:45.0357 6020        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:33:45.0388 6020        LSI_SAS2 - ok
19:33:45.0435 6020        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:33:45.0466 6020        LSI_SCSI - ok
19:33:45.0497 6020        luafv          (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
19:33:45.0528 6020        luafv - ok
19:33:45.0591 6020        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
19:33:45.0606 6020        MBAMProtector - ok
19:33:45.0731 6020        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:33:45.0762 6020        MBAMService - ok
19:33:45.0794 6020        Mcx2Svc        (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
19:33:45.0809 6020        Mcx2Svc - ok
19:33:45.0809 6020        mdmxsdk - ok
19:33:45.0825 6020        megasas        (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
19:33:45.0840 6020        megasas - ok
19:33:45.0872 6020        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
19:33:45.0887 6020        MegaSR - ok
19:33:45.0934 6020        MMCSS          (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:33:45.0981 6020        MMCSS - ok
19:33:45.0996 6020        Modem          (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
19:33:46.0043 6020        Modem - ok
19:33:46.0074 6020        monitor        (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
19:33:46.0106 6020        monitor - ok
19:33:46.0152 6020        motccgp - ok
19:33:46.0152 6020        motccgpfl - ok
19:33:46.0168 6020        MotDev - ok
19:33:46.0199 6020        motmodem        (69814acd50a9d6d28296050ef6215d46) C:\Windows\system32\DRIVERS\motmodem.sys
19:33:46.0262 6020        motmodem - ok
19:33:46.0340 6020        MotoHelper      (98a10ac4257a3ba48c9611338544ee49) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
19:33:46.0371 6020        MotoHelper - ok
19:33:46.0418 6020        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
19:33:46.0433 6020        mouclass - ok
19:33:46.0480 6020        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
19:33:46.0511 6020        mouhid - ok
19:33:46.0542 6020        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
19:33:46.0574 6020        mountmgr - ok
19:33:46.0636 6020        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:33:46.0667 6020        MozillaMaintenance - ok
19:33:46.0698 6020        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
19:33:46.0714 6020        mpio - ok
19:33:46.0730 6020        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
19:33:46.0761 6020        mpsdrv - ok
19:33:46.0823 6020        MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
19:33:46.0901 6020        MpsSvc - ok
19:33:46.0932 6020        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
19:33:46.0948 6020        MRxDAV - ok
19:33:47.0010 6020        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:33:47.0088 6020        mrxsmb - ok
19:33:47.0120 6020        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:33:47.0166 6020        mrxsmb10 - ok
19:33:47.0198 6020        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:33:47.0229 6020        mrxsmb20 - ok
19:33:47.0276 6020        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
19:33:47.0291 6020        msahci - ok
19:33:47.0354 6020        msdsm          (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
19:33:47.0385 6020        msdsm - ok
19:33:47.0432 6020        MSDTC          (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
19:33:47.0463 6020        MSDTC - ok
19:33:47.0510 6020        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
19:33:47.0541 6020        Msfs - ok
19:33:47.0556 6020        mshidkmdf      (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
19:33:47.0588 6020        mshidkmdf - ok
19:33:47.0603 6020        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
19:33:47.0603 6020        msisadrv - ok
19:33:47.0650 6020        MSiSCSI        (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
19:33:47.0681 6020        MSiSCSI - ok
19:33:47.0681 6020        msiserver - ok
19:33:47.0712 6020        MSKSSRV        (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
19:33:47.0775 6020        MSKSSRV - ok
19:33:47.0806 6020        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
19:33:47.0837 6020        MSPCLOCK - ok
19:33:47.0868 6020        MSPQM          (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
19:33:47.0915 6020        MSPQM - ok
19:33:47.0931 6020        MsRPC          (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
19:33:47.0978 6020        MsRPC - ok
19:33:48.0009 6020        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
19:33:48.0040 6020        mssmbios - ok
19:33:48.0056 6020        MSTEE          (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
19:33:48.0071 6020        MSTEE - ok
19:33:48.0087 6020        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
19:33:48.0102 6020        MTConfig - ok
19:33:48.0118 6020        Mup            (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
19:33:48.0118 6020        Mup - ok
19:33:48.0180 6020        napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
19:33:48.0227 6020        napagent - ok
19:33:48.0274 6020        NativeWifiP    (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
19:33:48.0321 6020        NativeWifiP - ok
19:33:48.0368 6020        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
19:33:48.0399 6020        NDIS - ok
19:33:48.0430 6020        NdisCap        (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
19:33:48.0477 6020        NdisCap - ok
19:33:48.0492 6020        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
19:33:48.0539 6020        NdisTapi - ok
19:33:48.0586 6020        Ndisuio        (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
19:33:48.0648 6020        Ndisuio - ok
19:33:48.0680 6020        NdisWan        (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
19:33:48.0758 6020        NdisWan - ok
19:33:48.0804 6020        NDProxy        (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
19:33:48.0851 6020        NDProxy - ok
19:33:48.0851 6020        NetBIOS        (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
19:33:48.0898 6020        NetBIOS - ok
19:33:48.0945 6020        NetBT          (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
19:33:49.0007 6020        NetBT - ok
19:33:49.0038 6020        Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:33:49.0038 6020        Netlogon - ok
19:33:49.0101 6020        Netman          (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
19:33:49.0163 6020        Netman - ok
19:33:49.0226 6020        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
19:33:49.0272 6020        netprofm - ok
19:33:49.0382 6020        NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:33:49.0397 6020        NetTcpPortSharing - ok
19:33:49.0756 6020        netw5v32        (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
19:33:49.0865 6020        netw5v32 - ok
19:33:50.0068 6020        nfrd960        (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
19:33:50.0084 6020        nfrd960 - ok
19:33:50.0146 6020        NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
19:33:50.0208 6020        NlaSvc - ok
19:33:50.0224 6020        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
19:33:50.0302 6020        Npfs - ok
19:33:50.0333 6020        nsi            (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
19:33:50.0364 6020        nsi - ok
19:33:50.0380 6020        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
19:33:50.0411 6020        nsiproxy - ok
19:33:50.0567 6020        NSUService      (276bff84ad77dd23e1085e191f5a591f) C:\Program Files\sony\Network Utility\NSUService.exe
19:33:50.0598 6020        NSUService ( UnsignedFile.Multi.Generic ) - warning
19:33:50.0598 6020        NSUService - detected UnsignedFile.Multi.Generic (1)
19:33:50.0739 6020        Ntfs            (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
19:33:50.0801 6020        Ntfs - ok
19:33:50.0817 6020        Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
19:33:50.0848 6020        Null - ok
19:33:50.0879 6020        nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
19:33:50.0895 6020        nvraid - ok
19:33:50.0957 6020        nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
19:33:50.0973 6020        nvstor - ok
19:33:51.0020 6020        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
19:33:51.0035 6020        nv_agp - ok
19:33:51.0082 6020        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
19:33:51.0113 6020        ohci1394 - ok
19:33:51.0176 6020        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:33:51.0222 6020        p2pimsvc - ok
19:33:51.0285 6020        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
19:33:51.0316 6020        p2psvc - ok
19:33:51.0425 6020        PACSPTISVR      (b8040c5c1fc1fbbbe5c78cb9eda343ec) C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
19:33:51.0456 6020        PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
19:33:51.0456 6020        PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
19:33:51.0488 6020        Parport        (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
19:33:51.0534 6020        Parport - ok
19:33:51.0566 6020        partmgr        (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
19:33:51.0597 6020        partmgr - ok
19:33:51.0597 6020        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
19:33:51.0628 6020        Parvdm - ok
19:33:51.0659 6020        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
19:33:51.0690 6020        PcaSvc - ok
19:33:51.0737 6020        pci            (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
19:33:51.0753 6020        pci - ok
19:33:51.0784 6020        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
19:33:51.0800 6020        pciide - ok
19:33:51.0815 6020        pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
19:33:51.0831 6020        pcmcia - ok
19:33:51.0846 6020        pcw            (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
19:33:51.0862 6020        pcw - ok
19:33:51.0940 6020        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
19:33:51.0987 6020        PEAUTH - ok
19:33:52.0127 6020        pla            (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
19:33:52.0205 6020        pla - ok
19:33:52.0377 6020        PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
19:33:52.0424 6020        PlugPlay - ok
19:33:52.0455 6020        PNRPAutoReg    (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
19:33:52.0502 6020        PNRPAutoReg - ok
19:33:52.0548 6020        PNRPsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:33:52.0580 6020        PNRPsvc - ok
19:33:52.0626 6020        PolicyAgent    (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
19:33:52.0673 6020        PolicyAgent - ok
19:33:52.0704 6020        Power          (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
19:33:52.0736 6020        Power - ok
19:33:52.0814 6020        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
19:33:52.0876 6020        PptpMiniport - ok
19:33:52.0907 6020        Processor      (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
19:33:52.0938 6020        Processor - ok
19:33:52.0970 6020        ProfSvc        (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
19:33:53.0016 6020        ProfSvc - ok
19:33:53.0063 6020        ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:33:53.0063 6020        ProtectedStorage - ok
19:33:53.0126 6020        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
19:33:53.0141 6020        Psched - ok
19:33:53.0188 6020        PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
19:33:53.0188 6020        PxHelp20 - ok
19:33:53.0313 6020        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
19:33:53.0391 6020        ql2300 - ok
19:33:53.0562 6020        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
19:33:53.0594 6020        ql40xx - ok
19:33:53.0625 6020        QWAVE          (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
19:33:53.0656 6020        QWAVE - ok
19:33:53.0687 6020        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
19:33:53.0703 6020        QWAVEdrv - ok
19:33:53.0703 6020        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
19:33:53.0750 6020        RasAcd - ok
19:33:53.0812 6020        RasAgileVpn    (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:33:53.0859 6020        RasAgileVpn - ok
19:33:53.0890 6020        RasAuto        (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
19:33:53.0921 6020        RasAuto - ok
19:33:53.0952 6020        Rasl2tp        (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:33:53.0984 6020        Rasl2tp - ok
19:33:54.0030 6020        RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
19:33:54.0108 6020        RasMan - ok
19:33:54.0140 6020        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
19:33:54.0186 6020        RasPppoe - ok
19:33:54.0218 6020        RasSstp        (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
19:33:54.0264 6020        RasSstp - ok
19:33:54.0327 6020        rdbss          (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
19:33:54.0389 6020        rdbss - ok
19:33:54.0405 6020        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
19:33:54.0420 6020        rdpbus - ok
19:33:54.0452 6020        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:33:54.0483 6020        RDPCDD - ok
19:33:54.0514 6020        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
19:33:54.0545 6020        RDPENCDD - ok
19:33:54.0576 6020        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
19:33:54.0608 6020        RDPREFMP - ok
19:33:54.0654 6020        RDPWD          (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
19:33:54.0717 6020        RDPWD - ok
19:33:54.0764 6020        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
19:33:54.0779 6020        rdyboost - ok
19:33:54.0826 6020        regi            (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
19:33:54.0842 6020        regi - ok
19:33:54.0982 6020        RegSrvc        (7eeeec28a34516e66137f355dcc15bdb) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:33:54.0982 6020        RegSrvc ( UnsignedFile.Multi.Generic ) - warning
19:33:54.0998 6020        RegSrvc - detected UnsignedFile.Multi.Generic (1)
19:33:55.0029 6020        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
19:33:55.0091 6020        RemoteAccess - ok
19:33:55.0122 6020        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
19:33:55.0169 6020        RemoteRegistry - ok
19:33:55.0216 6020        RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
19:33:55.0278 6020        RFCOMM - ok
19:33:55.0325 6020        rimsptsk        (f7d9ecf41ebd3cf6c65944368150f66b) C:\Windows\system32\DRIVERS\rimsptsk.sys
19:33:55.0388 6020        rimsptsk - ok
19:33:55.0419 6020        risdptsk        (1be6c42767a7c67ba31ae32b293b37a3) C:\Windows\system32\DRIVERS\risdptsk.sys
19:33:55.0450 6020        risdptsk - ok
19:33:55.0481 6020        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
19:33:55.0528 6020        RpcEptMapper - ok
19:33:55.0559 6020        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
19:33:55.0590 6020        RpcLocator - ok
19:33:55.0637 6020        RpcSs          (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
19:33:55.0684 6020        RpcSs - ok
19:33:55.0715 6020        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
19:33:55.0762 6020        rspndr - ok
19:33:55.0824 6020        RTHDMIAzAudService (a95b16ff762ff217847b97e6f05778ee) C:\Windows\system32\drivers\RtHDMIV.sys
19:33:55.0840 6020        RTHDMIAzAudService - ok
19:33:55.0934 6020        RtkAudioService (4b3795ebecae570def38ba7924c2a3dc) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
19:33:55.0949 6020        RtkAudioService - ok
19:33:55.0980 6020        SamSs          (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:33:55.0996 6020        SamSs - ok
19:33:56.0058 6020        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
19:33:56.0074 6020        sbp2port - ok
19:33:56.0121 6020        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
19:33:56.0152 6020        SCardSvr - ok
19:33:56.0199 6020        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
19:33:56.0246 6020        scfilter - ok
19:33:56.0339 6020        Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
19:33:56.0417 6020        Schedule - ok
19:33:56.0448 6020        SCPolicySvc    (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
19:33:56.0480 6020        SCPolicySvc - ok
19:33:56.0542 6020        SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
19:33:56.0589 6020        SDRSVC - ok
19:33:56.0651 6020        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:33:56.0682 6020        secdrv - ok
19:33:56.0729 6020        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
19:33:56.0776 6020        seclogon - ok
19:33:56.0792 6020        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
19:33:56.0823 6020        SENS - ok
19:33:56.0870 6020        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
19:33:56.0885 6020        SensrSvc - ok
19:33:56.0916 6020        Serenum        (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
19:33:56.0948 6020        Serenum - ok
19:33:56.0979 6020        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
19:33:57.0010 6020        Serial - ok
19:33:57.0057 6020        sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
19:33:57.0088 6020        sermouse - ok
19:33:57.0150 6020        SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
19:33:57.0182 6020        SessionEnv - ok
19:33:57.0228 6020        SFEP            (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys
19:33:57.0275 6020        SFEP - ok
19:33:57.0338 6020        sffdisk        (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
19:33:57.0384 6020        sffdisk - ok
19:33:57.0416 6020        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
19:33:57.0431 6020        sffp_mmc - ok
19:33:57.0462 6020        sffp_sd        (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
19:33:57.0478 6020        sffp_sd - ok
19:33:57.0556 6020        sfloppy        (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
19:33:57.0587 6020        sfloppy - ok
19:33:57.0634 6020        SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
19:33:57.0681 6020        SharedAccess - ok
19:33:57.0743 6020        ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
19:33:57.0806 6020        ShellHWDetection - ok
19:33:57.0852 6020        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
19:33:57.0868 6020        sisagp - ok
19:33:57.0899 6020        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:33:57.0915 6020        SiSRaid2 - ok
19:33:57.0946 6020        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
19:33:57.0962 6020        SiSRaid4 - ok
19:33:57.0993 6020        Smb            (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
19:33:58.0008 6020        Smb - ok
19:33:58.0071 6020        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
19:33:58.0102 6020        SNMPTRAP - ok
19:33:58.0898 6020        SNPSTD3        (9cd6ffc9f5b999eb5df69b9177d9848f) C:\Windows\system32\DRIVERS\snpstd3.sys
19:33:59.0210 6020        SNPSTD3 - ok
19:33:59.0397 6020        SOHCImp        (7b24efa2a60ba7388fecda63ab24560a) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe
19:33:59.0412 6020        SOHCImp - ok
19:33:59.0444 6020        SOHDBSvr        (140fcf5ffae4efba9740a9fd8b49e0bf) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
19:33:59.0459 6020        SOHDBSvr - ok
19:33:59.0490 6020        SOHDms          (d8c244121a06b581b097d9617d94cff1) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
19:33:59.0522 6020        SOHDms - ok
19:33:59.0537 6020        SOHDs          (2db561887ea122b946bbe2821473edd8) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe
19:33:59.0553 6020        SOHDs - ok
19:33:59.0568 6020        SOHPlMgr        (ab9ee246a1eb2c3c7c6cb16e0b9462f7) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
19:33:59.0568 6020        SOHPlMgr - ok
19:33:59.0740 6020        spldr          (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
19:33:59.0771 6020        spldr - ok
19:33:59.0834 6020        Spooler        (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
19:33:59.0896 6020        Spooler - ok
19:34:00.0161 6020        sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
19:34:00.0286 6020        sppsvc - ok
19:34:00.0442 6020        sppuinotify    (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
19:34:00.0473 6020        sppuinotify - ok
19:34:00.0582 6020        srv            (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
19:34:00.0629 6020        srv - ok
19:34:00.0660 6020        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
19:34:00.0707 6020        srv2 - ok
19:34:00.0754 6020        SrvHsfHDA      (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:34:00.0816 6020        SrvHsfHDA - ok
19:34:00.0926 6020        SrvHsfV92      (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
19:34:00.0972 6020        SrvHsfV92 - ok
19:34:01.0050 6020        SrvHsfWinac    (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:34:01.0082 6020        SrvHsfWinac - ok
19:34:01.0128 6020        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
19:34:01.0144 6020        srvnet - ok
19:34:01.0191 6020        SSDPSRV        (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
19:34:01.0238 6020        SSDPSRV - ok
19:34:01.0284 6020        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:34:01.0300 6020        ssmdrv - ok
19:34:01.0331 6020        SstpSvc        (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
19:34:01.0362 6020        SstpSvc - ok
19:34:01.0409 6020        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
19:34:01.0425 6020        stexstor - ok
19:34:01.0503 6020        StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
19:34:01.0565 6020        StiSvc - ok
19:34:01.0596 6020        swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
19:34:01.0612 6020        swenum - ok
19:34:01.0643 6020        swprv          (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
19:34:01.0674 6020        swprv - ok
19:34:01.0799 6020        SysMain        (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
19:34:01.0862 6020        SysMain - ok
19:34:01.0893 6020        TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
19:34:01.0908 6020        TabletInputService - ok
19:34:01.0955 6020        TapiSrv        (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
19:34:02.0002 6020        TapiSrv - ok
19:34:02.0033 6020        TBS            (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
19:34:02.0080 6020        TBS - ok
19:34:02.0283 6020        Tcpip          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
19:34:02.0361 6020        Tcpip - ok
19:34:02.0392 6020        TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
19:34:02.0423 6020        TCPIP6 - ok
19:34:02.0486 6020        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
19:34:02.0548 6020        tcpipreg - ok
19:34:02.0595 6020        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
19:34:02.0642 6020        TDPIPE - ok
19:34:02.0688 6020        TDTCP          (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
19:34:02.0720 6020        TDTCP - ok
19:34:02.0751 6020        tdx            (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
19:34:02.0813 6020        tdx - ok
19:34:02.0844 6020        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
19:34:02.0860 6020        TermDD - ok
19:34:02.0922 6020        TermService    (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
19:34:02.0969 6020        TermService - ok
19:34:03.0000 6020        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
19:34:03.0032 6020        Themes - ok
19:34:03.0063 6020        THREADORDER    (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:34:03.0094 6020        THREADORDER - ok
19:34:03.0125 6020        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
19:34:03.0172 6020        TrkWks - ok
19:34:03.0234 6020        TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
19:34:03.0297 6020        TrustedInstaller - ok
19:34:03.0312 6020        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:34:03.0344 6020        tssecsrv - ok
19:34:03.0390 6020        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
19:34:03.0453 6020        TsUsbFlt - ok
19:34:03.0515 6020        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
19:34:03.0562 6020        tunnel - ok
19:34:03.0609 6020        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
19:34:03.0609 6020        uagp35 - ok
19:34:03.0718 6020        uCamMonitor    (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
19:34:03.0734 6020        uCamMonitor - ok
19:34:03.0796 6020        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
19:34:03.0843 6020        udfs - ok
19:34:03.0890 6020        UI0Detect      (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
19:34:03.0936 6020        UI0Detect - ok
19:34:03.0983 6020        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
19:34:03.0999 6020        uliagpkx - ok
19:34:04.0092 6020        umbus          (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
19:34:04.0124 6020        umbus - ok
19:34:04.0155 6020        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
19:34:04.0202 6020        UmPass - ok
19:34:04.0233 6020        upnphost        (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
19:34:04.0280 6020        upnphost - ok
19:34:04.0311 6020        usbaudio        (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
19:34:04.0342 6020        usbaudio - ok
19:34:04.0373 6020        usbccgp        (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
19:34:04.0420 6020        usbccgp - ok
19:34:04.0451 6020        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
19:34:04.0467 6020        usbcir - ok
19:34:04.0529 6020        usbehci        (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
19:34:04.0545 6020        usbehci - ok
19:34:04.0592 6020        usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
19:34:04.0623 6020        usbhub - ok
19:34:04.0654 6020        usbohci        (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
19:34:04.0670 6020        usbohci - ok
19:34:04.0701 6020        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
19:34:04.0716 6020        usbprint - ok
19:34:04.0748 6020        usbscan        (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
19:34:04.0779 6020        usbscan - ok
19:34:04.0810 6020        USBSTOR        (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:34:04.0857 6020        USBSTOR - ok
19:34:04.0919 6020        usbuhci        (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
19:34:04.0935 6020        usbuhci - ok
19:34:04.0997 6020        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
19:34:05.0044 6020        usbvideo - ok
19:34:05.0075 6020        UxSms          (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
19:34:05.0122 6020        UxSms - ok
19:34:05.0262 6020        VAIO Entertainment TV Device Arbitration Service (4e7135d6d0127067e4cfee12259f895d) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
19:34:05.0278 6020        VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
19:34:05.0278 6020        VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
19:34:05.0387 6020        VAIO Event Service (73328c784ecfe7072bd102f370076b50) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
19:34:05.0403 6020        VAIO Event Service - ok
19:34:05.0481 6020        VAIO Power Management (45a9ae4768840830d0239b52dfdc806a) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
19:34:05.0496 6020        VAIO Power Management - ok
19:34:05.0528 6020        VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:34:05.0543 6020        VaultSvc - ok
19:34:05.0980 6020        VCFw            (0ed1d51dcec67f96cc313d02a1741cf3) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
19:34:06.0120 6020        VCFw - ok
19:34:06.0276 6020        VcmIAlzMgr      (7295a2b5795e7b8aa128e5df5a29b656) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
19:34:06.0292 6020        VcmIAlzMgr - ok
19:34:06.0370 6020        VcmXmlIfHelper  (69c36d2a7b2169c336d9ce193c9b655e) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
19:34:06.0386 6020        VcmXmlIfHelper - ok
19:34:06.0417 6020        Vcsw - ok
19:34:06.0635 6020        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
19:34:06.0666 6020        vdrvroot - ok
19:34:06.0729 6020        vds            (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
19:34:06.0776 6020        vds - ok
19:34:06.0822 6020        vga            (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
19:34:06.0854 6020        vga - ok
19:34:06.0885 6020        VgaSave        (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
19:34:06.0916 6020        VgaSave - ok
19:34:06.0947 6020        vhdmp          (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
19:34:06.0963 6020        vhdmp - ok
19:34:06.0978 6020        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
19:34:06.0994 6020        viaagp - ok
19:34:07.0010 6020        ViaC7          (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
19:34:07.0041 6020        ViaC7 - ok
19:34:07.0056 6020        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
19:34:07.0072 6020        viaide - ok
19:34:07.0119 6020        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
19:34:07.0134 6020        volmgr - ok
19:34:07.0166 6020        volmgrx        (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
19:34:07.0197 6020        volmgrx - ok
19:34:07.0244 6020        volsnap        (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
19:34:07.0259 6020        volsnap - ok
19:34:07.0306 6020        vsmraid        (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
19:34:07.0322 6020        vsmraid - ok
19:34:07.0446 6020        VSS            (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
19:34:07.0571 6020        VSS - ok
19:34:07.0587 6020        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
19:34:07.0618 6020        vwifibus - ok
19:34:07.0774 6020        VzCdbSvc        (79eb419f4a694b4514249e0d3db16ecf) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
19:34:07.0805 6020        VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
19:34:07.0805 6020        VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
19:34:07.0868 6020        W32Time        (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
19:34:07.0930 6020        W32Time - ok
19:34:07.0961 6020        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
19:34:07.0992 6020        WacomPen - ok
19:34:08.0055 6020        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:34:08.0117 6020        WANARP - ok
19:34:08.0117 6020        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:34:08.0133 6020        Wanarpv6 - ok
19:34:08.0258 6020        wbengine        (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
19:34:08.0336 6020        wbengine - ok
19:34:08.0382 6020        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
19:34:08.0429 6020        WbioSrvc - ok
19:34:08.0492 6020        wcncsvc        (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
19:34:08.0538 6020        wcncsvc - ok
19:34:08.0570 6020        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
19:34:08.0616 6020        WcsPlugInService - ok
19:34:08.0694 6020        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
19:34:08.0710 6020        Wd - ok
19:34:08.0757 6020        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:34:08.0772 6020        Wdf01000 - ok
19:34:08.0804 6020        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:34:08.0882 6020        WdiServiceHost - ok
19:34:08.0897 6020        WdiSystemHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:34:08.0913 6020        WdiSystemHost - ok
19:34:08.0960 6020        WebClient      (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
19:34:08.0991 6020        WebClient - ok
19:34:09.0100 6020        WebfettiService (98a64d4207d5957a57b3aa8e510a5bfb) C:\PROGRA~1\Webfetti\bar\2.bin\7dbarsvc.exe
19:34:09.0116 6020        WebfettiService ( UnsignedFile.Multi.Generic ) - warning
19:34:09.0116 6020        WebfettiService - detected UnsignedFile.Multi.Generic (1)
19:34:09.0178 6020        Wecsvc          (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
19:34:09.0225 6020        Wecsvc - ok
19:34:09.0240 6020        wercplsupport  (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
19:34:09.0287 6020        wercplsupport - ok
19:34:09.0334 6020        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
19:34:09.0365 6020        WerSvc - ok
19:34:09.0412 6020        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
19:34:09.0443 6020        WfpLwf - ok
19:34:09.0490 6020        WimFltr        (090a2b8f055343815556a01f725f6c35) C:\Windows\system32\DRIVERS\wimfltr.sys
19:34:09.0506 6020        WimFltr - ok
19:34:09.0521 6020        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
19:34:09.0537 6020        WIMMount - ok
19:34:09.0537 6020        winachsf - ok
19:34:09.0677 6020        WinDefend      (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
19:34:09.0724 6020        WinDefend - ok
19:34:09.0740 6020        WinHttpAutoProxySvc - ok
19:34:09.0818 6020        Winmgmt        (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
19:34:09.0880 6020        Winmgmt - ok
19:34:09.0989 6020        WinRM          (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
19:34:10.0083 6020        WinRM - ok
19:34:10.0192 6020        WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
19:34:10.0239 6020        WinUsb - ok
19:34:10.0332 6020        Wlansvc        (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
19:34:10.0364 6020        Wlansvc - ok
19:34:10.0395 6020        WmiAcpi        (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
19:34:10.0410 6020        WmiAcpi - ok
19:34:10.0488 6020        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
19:34:10.0535 6020        wmiApSrv - ok
19:34:10.0722 6020        WMPNetworkSvc  (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:34:10.0769 6020        WMPNetworkSvc - ok
19:34:10.0800 6020        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
19:34:10.0832 6020        WPCSvc - ok
19:34:10.0863 6020        WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
19:34:10.0894 6020        WPDBusEnum - ok
19:34:10.0941 6020        ws2ifsl        (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
19:34:10.0988 6020        ws2ifsl - ok
19:34:11.0019 6020        wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
19:34:11.0066 6020        wscsvc - ok
19:34:11.0066 6020        WSearch - ok
19:34:11.0237 6020        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
19:34:11.0331 6020        wuauserv - ok
19:34:11.0487 6020        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
19:34:11.0534 6020        WudfPf - ok
19:34:11.0565 6020        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:34:11.0596 6020        WUDFRd - ok
19:34:11.0643 6020        wudfsvc        (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
19:34:11.0674 6020        wudfsvc - ok
19:34:11.0721 6020        WwanSvc        (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
19:34:11.0768 6020        WwanSvc - ok
19:34:11.0846 6020        yukonw7        (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys
19:34:11.0861 6020        yukonw7 - ok
19:34:11.0892 6020        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:34:12.0298 6020        \Device\Harddisk0\DR0 - ok
19:34:12.0314 6020        Boot (0x1200)  (2b905d939a30e773cfb21b98b962b1bb) \Device\Harddisk0\DR0\Partition0
19:34:12.0314 6020        \Device\Harddisk0\DR0\Partition0 - ok
19:34:12.0314 6020        ============================================================
19:34:12.0314 6020        Scan finished
19:34:12.0314 6020        ============================================================
19:34:12.0392 2244        Detected object count: 10
19:34:12.0392 2244        Actual detected object count: 10
19:34:35.0604 2244        EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0604 2244        EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:34:35.0604 2244        EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0604 2244        EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:34:35.0604 2244        hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0604 2244        hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:34:35.0620 2244        hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244        hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:34:35.0620 2244        NSUService ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244        NSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:34:35.0620 2244        PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244        PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:34:35.0620 2244        RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244        RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:34:35.0620 2244        VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244        VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:34:35.0620 2244        VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244        VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:34:35.0620 2244        WebfettiService ( UnsignedFile.Multi.Generic ) - skipped by user
19:34:35.0620 2244        WebfettiService ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 25.06.2012 07:52
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

magicfortune 25.06.2012 10:10
So hier ist der Combofix log

Code:
ComboFix 12-06-25.02 - Désirée 25.06.2012  10:55:55.1.2 - x86
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3039.1682 [GMT 2:00]
ausgeführt von:: c:\users\DÚsirÚe\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\Webfetti\bar\2.bin\7dBAr.dll
c:\programdata\Roaming
c:\users\Désirée\Kq1vga41c.exe
c:\windows\IsUn0407.exe
c:\windows\security\Database\tmp.edb
c:\windows\system32\SET560C.tmp
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-05-25 bis 2012-06-25  ))))))))))))))))))))))))))))))
.
.
2012-06-25 09:04 . 2012-06-25 09:04        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-06-25 08:47 . 2012-06-25 08:47        --------        d-----w-        C:\c30a2a61f5015bb8fe48004e
2012-06-23 17:24 . 2012-06-25 08:59        56200        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C4BD307-405B-41EF-9691-60466410D2AE}\offreg.dll
2012-06-23 17:06 . 2012-06-23 17:06        476936        ----a-w-        c:\windows\system32\npdeployJava1.dll
2012-06-23 07:45 . 2012-05-31 03:41        6762896        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C4BD307-405B-41EF-9691-60466410D2AE}\mpengine.dll
2012-06-23 07:27 . 2012-06-23 07:27        --------        d-----w-        C:\fe76a9076969f8e450ab0fd38fee7b
2012-06-23 07:27 . 2012-06-23 07:27        --------        d-----w-        c:\windows\CheckSur
2012-06-21 18:04 . 2012-06-21 18:04        770384        ----a-w-        c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-21 18:04 . 2012-06-21 18:04        421200        ----a-w-        c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-21 17:58 . 2012-06-02 22:19        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-21 17:58 . 2012-06-02 22:19        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-21 17:58 . 2012-06-02 22:19        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-21 17:58 . 2012-06-02 22:12        2422272        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-21 17:57 . 2012-06-02 13:19        171904        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-21 17:57 . 2012-06-02 13:12        33792        ----a-w-        c:\windows\system32\wuapp.exe
2012-06-20 15:08 . 2012-06-20 15:08        --------        d-----w-        C:\found.000
2012-06-20 14:29 . 2012-06-20 14:29        --------        d-----w-        C:\_OTL
2012-06-14 19:48 . 2012-06-14 19:48        --------        d-----w-        c:\users\Désirée\AppData\Local\Macromedia
2012-06-13 18:01 . 2012-04-28 03:17        183808        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-06-12 15:59 . 2012-06-12 15:59        --------        d-----w-        c:\program files\ESET
2012-06-10 18:23 . 2012-06-10 18:23        --------        d-----w-        c:\users\Désirée\AppData\Roaming\Avira
2012-06-10 18:17 . 2012-04-16 19:17        36000        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2012-06-10 18:17 . 2012-04-27 08:20        137928        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-06-10 18:17 . 2012-04-24 22:32        83392        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-06-10 18:17 . 2012-06-10 18:17        --------        d-----w-        c:\programdata\Avira
2012-06-10 18:17 . 2012-06-10 18:17        --------        d-----w-        c:\program files\Avira
2012-06-10 14:56 . 2012-06-10 14:56        --------        d-----w-        c:\users\Désirée\AppData\Roaming\Malwarebytes
2012-06-10 14:56 . 2012-06-10 14:56        --------        d-----w-        c:\programdata\Malwarebytes
2012-06-10 14:56 . 2012-06-10 14:56        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2012-06-10 14:56 . 2012-04-04 13:56        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 17:06 . 2010-05-02 19:13        472840        ----a-w-        c:\windows\system32\deployJava1.dll
2012-06-23 17:04 . 2012-04-12 19:44        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-06-23 17:04 . 2011-06-15 21:42        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-31 04:39 . 2012-05-12 08:55        3968368        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-12 08:55        3913072        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-03-30 10:23 . 2012-05-12 08:55        1291632        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2012-03-08 18:50 . 2012-03-08 18:50        8862099        ----a-w-        c:\program files\Setup_MHRemake.exe
2012-06-21 18:05 . 2011-04-09 18:24        85472        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-30 20:10 . 2010-07-30 20:10        119808        ----a-w-        c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-12-21 274432]
"DriverScanner"="c:\program files\Uniblue\DriverScanner\launcher.exe" [2011-05-16 338296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2009-04-13 155648]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-06 6703648]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-01-06 1833504]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-12-18 317288]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2009-06-17 26624]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-05-20 111928]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-12-09 74752]
"mumservice"="c:\program files\Motorola\Software Update\mumservice.exe" [2011-02-02 1066304]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Désirée\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-3-1 789032]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-01-19 10:49        98304        ------w-        c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
.
R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-12-19 415592]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 camfilt2;camfilt2;c:\windows\system32\DRIVERS\camfilt2.sys [2007-08-06 94720]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-30 30192]
R3 hxctlflt;hxctlflt;c:\windows\system32\DRIVERS\hxctlflt.sys [2009-02-09 99968]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-21 113120]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-02-05 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-02-05 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-02-05 390440]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-02-05 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-02-05 91432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-01-16 83240]
R4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [2009-09-14 153600]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [2009-09-14 121856]
S2 MotoHelper;MotoHelper Service;c:\program files\Motorola\MotoHelper\MotoHelperService.exe [2011-08-10 227184]
S2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [2008-12-21 303104]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [2009-01-06 109088]
S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-01-19 394536]
S2 WebfettiService;Webfetti Service;c:\progra~1\Webfetti\bar\2.bin\7dbarsvc.exe [2011-04-02 36864]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 17920]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-10 29736]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-11-19 9344]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 yukonw7;NDIS6.2-Miniporttreiber für Marvell Yukon-Ethernet-Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 24769774
*Deregistered* - 24769774
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 17:04]
.
2012-06-24 c:\windows\Tasks\DriverScanner.job
- c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2011-08-03 09:22]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://home.sweetim.com
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\Désirée\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
Handler: webwebweb - {879506D7-73DF-8D45-BBDD-123467926D12} -
FF - ProfilePath - c:\users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\gjpz37rw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=CDS&o=16225&locale=en_US&apn_uid=6789FF94-1B5C-418F-AB67-D056611F19BA&apn_ptnrs=QQ&apn_sauid=B0654D97-0C66-4B09-B061-B47EE50BE6D3&apn_dtid=YYYYYYYYDE&&q=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\Ask.com\GenericAskToolbar.dll
URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - c:\program files\Winamp Toolbar\winamptb.dll
URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0407.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000004
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-06-25  11:07:21
ComboFix-quarantined-files.txt  2012-06-25 09:07
.
Vor Suchlauf: 15 Verzeichnis(se), 219.246.903.296 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 219.706.195.968 Bytes frei
.
- - End Of File - - 03A80E941127607E1C65280131679266
mfg
magicfortune

cosinus 25.06.2012 12:09
Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

magicfortune 25.06.2012 13:26
So hier erstmal das gmer Log
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-06-25 14:23:14
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0
Running: 6jb2pnmk.exe; Driver: C:\Users\DSIRE~1\AppData\Local\Temp\kxdiifod.sys


---- System - GMER 1.0.15 ----

SSDT  905D4DBE                                                                                          ZwCreateSection
SSDT  905D4DC8                                                                                          ZwRequestWaitReplyPort
SSDT  905D4DC3                                                                                          ZwSetContextThread
SSDT  905D4DCD                                                                                          ZwSetSecurityObject
SSDT  905D4DD2                                                                                          ZwSystemDebugControl
SSDT  905D4D5F                                                                                          ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text  ntkrnlpa.exe!ZwRollbackEnlistment + 140D                                                          834403C9 1 Byte  [06]
.text  ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                            83479D52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 11F7                                                                83480EAC 4 Bytes  [BE, 4D, 5D, 90]
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1553                                                                83481208 4 Bytes  [C8, 4D, 5D, 90] {ENTER 0x5d4d, 0x90}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1597                                                                8348124C 4 Bytes  [C3, 4D, 5D, 90] {RET ; DEC EBP; POP EBP; NOP }
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1613                                                                834812C8 4 Bytes  [CD, 4D, 5D, 90] {INT 0x4d; POP EBP; NOP }
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1667                                                                8348131C 4 Bytes  [D2, 4D, 5D, 90] {ROR BYTE [EBP+0x5d], CL; NOP }
.text  ...                                                                                               
.text  C:\Windows\system32\DRIVERS\atikmdag.sys                                                          section is writeable [0x91E1A000, 0x2D5378, 0xE8000020]

---- User IAT/EAT - GMER 1.0.15 ----

IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                    [741424CB] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]              [7412562E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]              [741256EC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                    [74142546] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]          [741385AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]            [74134D5E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]            [74135105] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]          [741351DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP]  [74136707] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]            [74138301] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]      [74138850] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]    [741390B1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]          [7413E254] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[2444] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]              [74134C90] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002433d377d6                       
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002433d377d6@0017e6f42513          0xDB 0xB4 0x05 0xC5 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings                         
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002433d377d6 (not active ControlSet)   
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002433d377d6@0017e6f42513              0xDB 0xB4 0x05 0xC5 ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)     

---- EOF - GMER 1.0.15 ----
So und hier das osam log

Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 14:40:35 on 25.06.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit
Default Browser: Mozilla Corporation Firefox 13.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - c:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"DriverScanner.job" - "Uniblue Systems Limited" - C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"iproset.cpl" - "Intel(R) Corporation" - C:\Windows\system32\iproset.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"PROSet Tools" - "Intel(R) Corporation" - C:\Windows\System32\iPROSet.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\Users\DSIRE~1\AppData\Local\Temp\catchme.sys  (File not found)
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"HSF_DPV" (HSF_DPV) - ? - C:\Windows\System32\DRIVERS\HSX_DPV.sys  (File not found)
"HSXHWAZL" (HSXHWAZL) - ? - C:\Windows\System32\DRIVERS\HSXHWAZL.sys  (File not found)
"kxdiifod" (kxdiifod) - ? - C:\Users\DSIRE~1\AppData\Local\Temp\kxdiifod.sys  (Hidden registry entry, rootkit activity | File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"mdmxsdk" (mdmxsdk) - ? - C:\Windows\System32\DRIVERS\mdmxsdk.sys  (File not found)
"MotCcgpFlService" (motccgpfl) - ? - C:\Windows\System32\DRIVERS\motccgpfl.sys  (File not found)
"Motorola Inc. USB Device" (MotDev) - ? - C:\Windows\System32\DRIVERS\motodrv.sys  (File not found)
"Motorola USB Composite Device Driver" (motccgp) - ? - C:\Windows\System32\DRIVERS\motccgp.sys  (File not found)
"regi" (regi) - "InterVideo" - C:\Windows\System32\drivers\regi.sys
"Sony DMI Call service" (DMICall) - "Sony Corporation" - C:\Windows\System32\DRIVERS\DMICall.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys
"winachsf" (winachsf) - ? - C:\Windows\System32\DRIVERS\HSX_CNXT.sys  (File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{0561EC90-CE54-4f0c-9C55-E226110A740C} "{0561EC90-CE54-4f0c-9C55-E226110A740C}" - ? -  (File not found | COM-object registry key not found)
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{B658800C-F66E-4EF3-AB85-6C0C227862A9} "ViProtocolOLE Class" - ? - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
{879506D7-73DF-8D45-BBDD-123467926D12} "Webwebweb Pluggable Protocol" - ? - C:\Program Files\WebWebWeb\Plugin\Version_449\link64_plugin.dll  (File not found)
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Exctractor" - ? -  (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -  (File not found | COM-object registry key not found)
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{6F5C0F40-1419-4DC8-8D2F-D5EC5FCF07AB} "Sprint.ExplorerIntegration.9" - "ABBYY" - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Integration\SprintIntegration.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - C:\Program Files\WinZip\wzshlstb.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
 "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? -  (File not found | COM-object registry key not found)
{855F3B16-6D32-4fe6-8A56-BBB695989046} "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_33" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_33.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
"PokerStars.net" - "PokerStars" - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "AVG Security Toolbar" - ? - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{95B7759C-8C7F-4BF1-B163-73684A933233} "AVG Security Toolbar" - ? - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
{3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} "FastestTubeBHO Class" - "Kwizzu" - C:\Program Files\FastestTube\1.2.12\WombatBHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" - ? -  (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Désirée\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"OpenOffice.org 3.3.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe  (Shortcut exists | File exists)
"Bluetooth.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"DriverScanner" - "Uniblue Systems Limited" - "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000
"NSUFloatingUI" - "Sony Corporation" - "C:\Program Files\Sony\Network Utility\LANUtil.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"EEventManager" - "SEIKO EPSON CORPORATION" - "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
"Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"HP Software Update" - "Hewlett-Packard Co." - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
"ISBMgr.exe" - ? - "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
"MarketingTools" - "Sony Corporation" - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
"mumservice" - "Motorola" - C:\Program Files\Motorola\Software Update\mumservice.exe
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SweetIM" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Messenger\SweetIM.exe
"vProt" - ? - "C:\Program Files\AVG Secure Search\vprot.exe"
"WinampAgent" - "Nullsoft, Inc." - "C:\Program Files\Winamp\winampa.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"EpsonNet Print Port" - "SEIKO EPSON CORPORATION" - C:\Windows\system32\enppmon.dll
"LIDIL hpzlllhn" - "Hewlett-Packard Company" - C:\Windows\system32\hpzlllhn.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ABBYY FineReader 9.0 Sprint Licensing Service" (ABBYY.Licensing.FineReader.Sprint.9.0) - "ABBYY" - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
"CamMonitor" (uCamMonitor) - "ArcSoft, Inc." - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
"EpsonBidirectionalService" (EpsonBidirectionalService) - "SEIKO EPSON CORPORATION" - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
"Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
"Intel® PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel® PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"IviRegMgr" (IviRegMgr) - "InterVideo" - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"MotoHelper Service" (MotoHelper) - ? - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"NSUService" (NSUService) - "Sony Corporation" - C:\Program Files\sony\Network Utility\NSUService.exe
"PACSPTISVR" (PACSPTISVR) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
"VAIO Content Folder Watcher" (VCFw) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
"VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
"VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
"VAIO Entertainment Database Service" (VzCdbSvc) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
"VAIO Entertainment TV Device Arbitration Service" (VAIO Entertainment TV Device Arbitration Service) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
"VAIO Entertainment UPnP Client Adapter" (Vcsw) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
"VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files\sony\VAIO Event Service\VESMgr.exe
"VAIO Media plus Content Importer" (SOHCImp) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe
"VAIO Media plus Database Manager" (SOHDBSvr) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
"VAIO Media plus Device Searcher" (SOHDs) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe
"VAIO Media plus Digital Media Server" (SOHDms) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
"VAIO Media plus Playlist Manager" (SOHPlMgr) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
"VAIO Power Management" (VAIO Power Management) - "Sony Corporation" - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
"vToolbarUpdater11.1.0" (vToolbarUpdater11.1.0) - ? - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
"Webfetti Service" (WebfettiService) - "Webfetti" - C:\PROGRA~1\Webfetti\bar\2.bin\7dbarsvc.exe
"Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"VESWinlogon" - "Sony Corporation" - C:\Windows\system32\VESWinlogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

cosinus 25.06.2012 14:48
ok fehlt noch aswMBR

magicfortune 25.06.2012 15:24
Und hier endlich das aswlog

Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-25 14:43:04
-----------------------------
14:43:04.440    OS Version: Windows 6.1.7601 Service Pack 1
14:43:04.440    Number of processors: 2 586 0x170A
14:43:04.440    ComputerName: DÉSIRÉE-PC  UserName: Désirée
14:43:05.750    Initialize success
14:44:09.392    AVAST engine defs: 12062500
14:46:05.391    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:46:05.395    Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
14:46:05.398    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000069
14:46:05.401    Disk 1 Vendor: RICOH 01 Size: 305245MB BusType: 0
14:46:05.404    Disk 2  \Device\Harddisk2\DR2 -> \Device\0000006a
14:46:05.407    Disk 2 Vendor: RICOH 02 Size: 305245MB BusType: 0
14:46:05.504    Disk 0 MBR read successfully
14:46:05.511    Disk 0 MBR scan
14:46:05.581    Disk 0 Windows 7 default MBR code
14:46:05.696    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        10436 MB offset 2048
14:46:05.766    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS      294807 MB offset 21374976
14:46:05.827    Disk 0 scanning sectors +625140400
14:46:06.252    Disk 0 scanning C:\Windows\system32\drivers
14:47:34.663    Service scanning
14:48:19.384    Modules scanning
14:50:06.320    Disk 0 trace - called modules:
14:50:06.367   
14:50:07.724    AVAST engine scan C:\Windows
14:51:50.778    AVAST engine scan C:\Windows\system32
15:14:44.033    AVAST engine scan C:\Windows\system32\drivers
15:16:52.405    AVAST engine scan C:\Users\Désirée
15:56:40.568    AVAST engine scan C:\ProgramData
15:59:00.326    Scan finished successfully
16:22:56.608    Disk 0 MBR has been saved successfully to "C:\Users\Désirée\Desktop\MBR.dat"
16:22:56.616    The log file has been saved successfully to "C:\Users\Désirée\Desktop\aswMBR.txt"

cosinus 25.06.2012 16:13
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:23 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131