Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   GVU Trojaner, ukash usw. (https://www.trojaner-board.de/124574-gvu-trojaner-ukash-usw.html)

buergi 23.09.2012 16:55
GVU Trojaner, ukash usw.
 
Hallo zusammen,

Ich habe mir gestern Nachmittag ebenfalls diesen GVU Trojaner (oder wie auch immer das genannt wird..) eingefangen.

D.h. weisser Sperrbildschirm mit ukash Zahlungsaufforderung, oben offizielle Logos und Webcam-Frenster (habe aber keine) und deaktivierter Explorer.

Hier ist was ich bisher gemacht habe:
1)Bevor ich mehr darüber gelesen habe, habe ich Kaspersky WindowsUnlocker versucht -> ohne Erfolg.

2)Abgesicherter Modus mit Netzwerktreibern hat funktioniert.

3) Defogger angewendet

4) OTL Quickscan durchgeführt (logs siehe unten)

5) Malwarebytes Quickscan durchgeführt und die drei gefundenen Dateien gelöscht bzw. in Quarantäne gesetzt.

6) PC startet wieder normal, kein weißer Sperrbildschirm mehr

Erstmal bin ich jetzt erleichtert, aber mir ist klar, dass das noch nicht alles ist.
Daher würde ich mich freuen, wenn Ihr mir sagen könntet, was ich noch machen muss!

Vielen Dank im Voraus!

Hier sind die Logs (meinen Namen habe ich durch 'xxxx' ersetzt.

OTL:
Code:
OTL logfile created on: 23.09.2012 12:19:04 - Run 1
OTL by OldTimer - Version 3.2.66.0    Folder = C:\Users\xxxx\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,77 Gb Available Physical Memory | 85,17% Memory free
6,50 Gb Paging File | 6,04 Gb Available in Paging File | 92,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 844,35 Gb Free Space | 90,64% Space Free | Partition Type: NTFS
Drive E: | 49,36 Gb Total Space | 4,36 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 71,69 Mb Free Space | 71,69% Space Free | Partition Type: NTFS
Drive G: | 323,25 Gb Total Space | 106,36 Gb Free Space | 32,90% Space Free | Partition Type: NTFS
Drive H: | 420,60 Gb Total Space | 267,86 Gb Free Space | 63,68% Space Free | Partition Type: NTFS
Drive I: | 976,56 Gb Total Space | 313,50 Gb Free Space | 32,10% Space Free | Partition Type: NTFS
 
Computer Name: xxxx-PC | User Name: xxxx | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.23 12:18:10 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\xxxx\Desktop\OTL.exe
 
 
========== Moxxxxs (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.08.18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.10 21:44:12 | 004,537,664 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012.09.07 21:16:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.08 18:31:35 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchexxxxrService)
SRV - [2012.05.08 18:31:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.09.09 18:08:54 | 000,475,088 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2011.08.01 18:24:00 | 003,889,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011.03.31 16:08:14 | 000,080,896 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010.11.24 22:33:26 | 000,921,600 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.08 18:31:35 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 18:31:35 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.22 13:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.09.09 18:00:05 | 000,026,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2011.09.09 17:59:19 | 000,106,408 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2009.11.01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.08.18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.01.19 06:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.01 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hiergehtslos.de
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:1.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 21:16:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 21:16:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.06.10 12:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\Extensions
[2012.06.10 12:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012.09.15 08:43:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\Firefox\Profiles\uhewijt8.default\extensions
[2012.08.27 18:18:59 | 000,167,303 | ---- | M] () (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\uhewijt8.default\extensions\jid1-0FHdJAAQ7Nb73Q@jetpack.xpi
[2012.03.31 18:08:23 | 000,129,384 | ---- | M] () (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\uhewijt8.default\extensions\SciLorsGrooveUnlocker@scilor.com.xpi
[2012.09.15 08:43:13 | 000,270,876 | ---- | M] () (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\uhewijt8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012.09.07 21:16:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.07 21:16:40 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.08 09:09:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 17:49:04 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.08 09:09:29 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.08 09:09:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.08 09:09:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.08 09:09:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.05.06 10:25:02 | 000,000,893 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\xxxx\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [phonostarTimer] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe ()
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\xxxx\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe (Unified Remote)
O4 - Startup: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk = C:\ProgramData\lsass.exe (Microsoft Corporation)
O4 - Startup: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{992F9A60-2520-4B78-8219-E071AE899109}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\haufereader - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\haufereader - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.07.01 16:48:10 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8ba7debf-6c33-11e0-94cf-002522896cc3}\Shell - "" = AutoRun
O33 - MountPoints2\{8ba7debf-6c33-11e0-94cf-002522896cc3}\Shell\AutoRun\command - "" = J:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.23 12:18:09 | 000,601,600 | ---- | C] (OldTimer Tools) -- C:\Users\xxxx\Desktop\OTL.exe
[2012.09.22 14:20:08 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
[2012.09.14 19:45:55 | 000,000,000 | ---D | C] -- C:\Users\xxxx\AppData\Local\roomeon
[2012.09.14 19:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon 3D-Planer
[2012.09.14 19:45:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\roomeon GmbH
[2012.09.07 21:16:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.23 12:18:10 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\xxxx\Desktop\OTL.exe
[2012.09.23 12:17:21 | 000,000,000 | ---- | M] () -- C:\Users\xxxx\defogger_reenable
[2012.09.23 12:13:43 | 000,050,477 | ---- | M] () -- C:\Users\xxxx\Desktop\Defogger.exe
[2012.09.23 12:07:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.23 12:07:10 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.22 20:17:53 | 083,023,306 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.09.22 15:25:09 | 000,019,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 15:25:09 | 000,019,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 14:20:17 | 000,000,824 | ---- | M] () -- C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.09.22 12:04:46 | 000,011,776 | ---- | M] () -- C:\Users\xxxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.22 11:35:59 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.22 11:35:59 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.22 11:35:59 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.22 11:35:59 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.22 11:35:59 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.01 06:41:55 | 417,261,835 | ---- | M] () -- C:\Windows\MEMORY.DMP
 
========== Files Created - No Company Name ==========
 
[2012.09.23 12:17:21 | 000,000,000 | ---- | C] () -- C:\Users\xxxx\defogger_reenable
[2012.09.23 12:13:42 | 000,050,477 | ---- | C] () -- C:\Users\xxxx\Desktop\Defogger.exe
[2012.09.22 14:20:17 | 000,000,824 | ---- | C] () -- C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.09.22 14:20:16 | 083,023,306 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.04.06 00:28:43 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI
[2011.12.12 00:17:38 | 000,003,460 | ---- | C] () -- C:\Users\xxxx\.recently-used.xbel
[2011.08.07 20:43:47 | 000,011,776 | ---- | C] () -- C:\Users\xxxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.17 17:13:27 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.04.17 16:12:13 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\pxhpinst.exe
[2011.04.17 16:11:58 | 000,001,125 | ---- | C] () -- C:\Windows\winamp.ini
[2011.04.16 23:31:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.01.21 12:30:06 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.04.28 18:06:38 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\aicon
[2011.11.13 13:12:05 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\calibre
[2011.05.17 21:10:02 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Canneverbe Limited
[2011.09.23 19:32:51 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Dexpot
[2012.09.22 20:17:38 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Dropbox
[2011.08.04 21:47:15 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\DVDVideoSoft
[2011.08.04 21:41:40 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.02 19:55:17 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Engelmann Media
[2011.06.01 00:40:19 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\FileZilla
[2011.12.12 00:17:38 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\gtk-2.0
[2012.06.10 12:54:27 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Haufe Mediengruppe
[2011.08.06 08:46:11 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\HTC
[2012.04.13 12:56:56 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011.07.07 23:20:45 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\IrfanView
[2011.04.22 10:12:21 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Juan M. Aguirregabiria
[2012.06.10 12:44:43 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Lexware
[2011.05.07 12:47:19 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Mp3tag
[2011.07.07 23:20:44 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\MusicBee
[2012.01.02 18:51:01 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\MyPhoneExplorer
[2012.09.23 12:36:28 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\NetSpeedMonitor
[2012.07.27 22:08:41 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Nokia
[2012.07.27 22:08:08 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Nokia Suite
[2012.07.27 22:06:40 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\PC Suite
[2012.04.06 19:32:34 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\pdfforge
[2011.12.03 12:01:47 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\phonostar GmbH
[2011.11.07 20:37:04 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Rainmeter
[2011.10.25 22:23:49 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Simfy
[2012.09.14 23:54:47 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Spotify
[2012.05.12 00:51:00 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.01.03 16:17:36 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Teeworlds
[2012.01.10 09:49:34 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Unified Remote
 
========== Purity Check ==========
 
 

< End of report >
OTL, Extras

Code:
OTL Extras logfile created on: 23.09.2012 12:19:04 - Run 1
OTL by OldTimer - Version 3.2.66.0    Folder = C:\Users\xxxx\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,77 Gb Available Physical Memory | 85,17% Memory free
6,50 Gb Paging File | 6,04 Gb Available in Paging File | 92,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 844,35 Gb Free Space | 90,64% Space Free | Partition Type: NTFS
Drive E: | 49,36 Gb Total Space | 4,36 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 71,69 Mb Free Space | 71,69% Space Free | Partition Type: NTFS
Drive G: | 323,25 Gb Total Space | 106,36 Gb Free Space | 32,90% Space Free | Partition Type: NTFS
Drive H: | 420,60 Gb Total Space | 267,86 Gb Free Space | 63,68% Space Free | Partition Type: NTFS
Drive I: | 976,56 Gb Total Space | 313,50 Gb Free Space | 32,10% Space Free | Partition Type: NTFS
 
Computer Name: xxxx-PC | User Name: xxxx | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D92B3B0-0CC6-4E23-B73A-BA44A10E0A36}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{20628B1A-6C84-4602-981A-502AED7007AE}" = lport=139 | protocol=6 | dir=in | app=system |
"{235BA6CF-D19D-4358-890A-1D538347B914}" = rport=139 | protocol=6 | dir=out | app=system |
"{27B0A41D-CC89-4E86-A9F6-F9384A719F5E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3215E2D9-D8BE-44A3-A1B5-431462CD41C6}" = lport=138 | protocol=17 | dir=in | app=system |
"{389C3B93-671D-4C7C-A0D1-8C4EC11B2423}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C6FE2ED-4A14-4908-AE01-66DD3C8E921B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{58DC1872-9FAF-406B-80B0-B8A3B46F5EE0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5C98731E-DD5C-41D3-B2DB-D9B141888CB2}" = lport=137 | protocol=17 | dir=in | app=system |
"{708552EF-CB4F-4FB1-917E-6C5CE0FC2327}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{71D2EF07-E508-43D3-AF5D-B4098513E545}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8C54F55C-C1D2-4182-8F38-5B013679FCE9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{A0B1161F-5946-4928-8654-25E4C9225DE8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF31DAFA-6F58-4A46-ADB2-59BDF0BA7706}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B3C3F369-79A2-48C9-9B4B-1E40D68991EC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC5B9AF3-4F6E-4BC2-9065-F3EECBB21AD0}" = rport=445 | protocol=6 | dir=out | app=system |
"{BCDA8288-BC9F-47B5-A838-1234E4F5D59C}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3B8D857-5B11-4FDB-A6D9-CE9C703DA2B4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC64A6E6-7C5A-40A2-8E05-D4F923E6CABD}" = rport=138 | protocol=17 | dir=out | app=system |
"{E533FFE9-8177-4C51-80D5-25ACCAA77B82}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F993779C-3D19-4D3E-A95B-C2BAACB69A40}" = lport=445 | protocol=6 | dir=in | app=system |
"{FA11BFEE-64AC-4306-B613-36739659034B}" = lport=10243 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13AC5299-CF48-4CC2-97C1-1DF583E2FF44}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{14B4A7AF-9512-40BA-99C0-9BC696B4C5F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{218D28E3-DC3A-4B8E-A535-53E2326EC288}" = protocol=17 | dir=in | app=c:\programdata\tversity\media server\mediaserver.exe |
"{29721439-4681-488D-B703-911CCA0F3995}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2B04283A-B6BC-4DB2-AA6B-63CBD014BC96}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4EA6525A-F5D8-4BB7-AA72-33A5DDF70E72}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{519EAFED-4CF8-472C-85E5-AC417E287ED7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5B006470-6B3B-4FA0-BEE6-2E4D3DE2B53E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5C864325-0397-4868-83A4-2C06FA44C801}" = protocol=6 | dir=out | app=system |
"{6384F34C-0C16-4176-BDEB-A8EEBE952796}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{65694C10-F118-4ACF-B9F2-C9E490EE38B1}" = protocol=6 | dir=in | app=c:\programdata\tversity\media server\mediaserver.exe |
"{67284C68-FCCA-456E-BC5B-8BC3E1CC6C3A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{775700B5-383F-4D42-8990-EE4AFFE874B1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{80713038-5B3E-47FA-9164-D4F049F62E31}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8127C50C-807B-473D-9CA5-DFF3CC83F97F}" = protocol=6 | dir=in | app=c:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe |
"{8A62BDB0-5A86-4D94-801F-F03EB8E59CDD}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{8EA53724-DDFA-498B-BEE3-F4AFB17F6376}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A42E3A03-98FB-42AC-A4CD-51DCC70BB852}" = protocol=17 | dir=in | app=c:\users\xxxx\appdata\local\akamai\netsession_win.exe |
"{AA971658-C874-455B-AA46-15C9609D93AC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B48C666B-0CBF-4A29-B75E-41131EA1AA7B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B6269A6A-54CF-4A03-B263-40E676B36B29}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C06576D6-6EBA-4D1D-8496-EA2144FE5883}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C1B3C31F-49E2-485B-9600-DF905676821A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C4EAC606-02FA-4F09-85E7-06DA0C69BB1F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D619DF87-A875-4347-B74B-4C5C6EA611C6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DE30FA9D-B974-42E2-858F-EB8C31B6B16B}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{E25F31E0-8DCE-4BA5-8433-12CE06BAB30E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3EC467F-6661-48BF-B0AE-EF87F286555B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EE800FB1-CE3E-4099-9675-FC0B0701ADAB}" = protocol=17 | dir=in | app=c:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe |
"{F6EC5D69-BD99-4FB9-928E-214AED4433EC}" = protocol=6 | dir=in | app=c:\users\xxxx\appdata\local\akamai\netsession_win.exe |
"{F89B53DF-2CA3-49D3-9885-F46C53F06CE9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FD9BA477-55F9-4E65-9DA1-AB1726ABA03E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{5681AC84-3B23-496E-9F6B-99FA7B08D286}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"TCP Query User{582DDAFF-8030-4B39-B849-718A74049AFF}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{60242BA5-0077-42DE-B1AE-87B561A98108}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"TCP Query User{C07279C0-66BB-4FE7-82BD-B38A50A96959}C:\users\xxxx\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\xxxx\appdata\roaming\spotify\spotify.exe |
"TCP Query User{C0CA9434-736A-49D1-A19F-C246BEEA4A9A}C:\spiele\aeriagames\wolfteam-de\wolfteam.bin" = protocol=6 | dir=in | app=c:\spiele\aeriagames\wolfteam-de\wolfteam.bin |
"TCP Query User{CB44C21D-8E04-4D54-8BD6-FF000824215C}C:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{D2C12DA7-B1FB-451C-B374-1C8C9209CBA3}C:\users\xxxx\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\xxxx\appdata\local\akamai\netsession_win.exe |
"UDP Query User{64ADCFBA-7B53-42B7-9DBE-C89F29F9B717}C:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\xxxx\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{866E4C36-4AFE-4A40-94BE-D3E933FA54D0}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"UDP Query User{A9E91041-BEDE-47CB-B5BC-F249E938AF51}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"UDP Query User{C1AC76B0-6EA6-48E6-AA67-476F93E23004}C:\spiele\aeriagames\wolfteam-de\wolfteam.bin" = protocol=17 | dir=in | app=c:\spiele\aeriagames\wolfteam-de\wolfteam.bin |
"UDP Query User{C393C822-AF6D-47DB-B4E9-24665AD19C94}C:\users\xxxx\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\xxxx\appdata\local\akamai\netsession_win.exe |
"UDP Query User{E53340F7-B5F8-46B3-BAFB-4B3BD464DD57}C:\users\xxxx\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\xxxx\appdata\roaming\spotify\spotify.exe |
"UDP Query User{ECA3425E-0B2A-4C08-BC0B-89CDF5143A60}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@icon sushi_is1" = @icon sushi 1.21
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D3CECCA-A589-ECCA-EC0B-2F98F2789F60}" = simfy
"{0D55297D-C424-4A2F-BE94-BEAE479EBBB8}" = roomeon 3D-Planer
"{0F32914F-A633-4516-B531-7084C8F19F93}" = Haufe iDesk-Browser
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 5
"{27F10580-E040-11DF-8C28-005056B12123}" = Haufe iDesk-Service
"{29205904-A7A8-4545-0001-697935602C90}" = SimplyGoodPictures
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3BEFC315-7F74-4F71-B704-2CAF4DC046BB}" = Steuer-Hilfesammlung 2010
"{406A89D6-09E6-4550-B370-8D376DDB56BE}" = Adobe Flash Player 10 ActiveX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B526075-AF27-47A2-860D-3DA92928A051}" = Steuer 2010
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{66A722B4-C3A4-4599-A1AF-AAF8E808AF5D}" = calibre
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75F509C3-5F01-48C1-ACB9-B9B38A952E6C}" = Unified Remote
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{ADB1DE83-FC42-4C3F-B64B-2AF2215EF88B}" = Cisco AnyConnect Secure Mobility Client
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C6427F6A-9013-43A6-BE2A-BA6C1B04DF88}" = Cisco AnyConnect VPN Client Start Before Login Components
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DD8D87E5-C372-462F-B168-94612B1D9451}" = HTC Sync
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E8828ACA-EB7B-4412-856D-E79318840919}" = MusicBee
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"ABC Amber NBU Converter" = ABC Amber NBU Converter
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Avira AntiVir Desktop" = Avira Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Directory Compare_is1" = Directory Compare
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"FileZilla Client" = FileZilla Client 3.5.0
"Intelli-studio" = SAMSUNG Intelli-studio
"IrfanView" = IrfanView (remove only)
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.48
"MPE" = MyPhoneExplorer
"Nokia Suite" = Nokia Suite
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.02.2
"Rainmeter" = Rainmeter
"Simfy" = simfy
"TVersity Codec Pack" = TVersity Codec Pack 1.4
"TVersity Media Server" = TVersity Media Server 1.9.3
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.9
"Winamp" = Winamp (remove only)
"WinGimp-2.0_is1" = GIMP 2.6.11
"WolfTeam-DE" = WolfTeam-DE
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dexpot" = Dexpot
"Dropbox" = Dropbox
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.09.2012 10:02:21 | Computer Name = xxxx-PC | Source = vpnplap | ID = 67108866
Description =
 
Error - 22.09.2012 10:02:21 | Computer Name = xxxx-PC | Source = vpnplap | ID = 67108866
Description =
 
Error - 22.09.2012 14:17:06 | Computer Name = xxxx-PC | Source = vpnplap | ID = 67108866
Description =
 
Error - 22.09.2012 14:17:06 | Computer Name = xxxx-PC | Source = vpnplap | ID = 67108866
Description =
 
Error - 22.09.2012 14:18:21 | Computer Name = xxxx-PC | Source = vpnplap | ID = 67108866
Description =
 
Error - 22.09.2012 14:18:21 | Computer Name = xxxx-PC | Source = vpnplap | ID = 67108866
Description =
 
Error - 22.09.2012 14:18:28 | Computer Name = xxxx-PC | Source = vpnplap | ID = 67108866
Description =
 
Error - 22.09.2012 14:18:28 | Computer Name = xxxx-PC | Source = vpnplap | ID = 67108866
Description =
 
Error - 22.09.2012 14:18:30 | Computer Name = xxxx-PC | Source = vpnplap | ID = 67108866
Description =
 
Error - 22.09.2012 14:18:30 | Computer Name = xxxx-PC | Source = vpnplap | ID = 67108866
Description =
 
Error - 23.09.2012 06:14:14 | Computer Name = xxxx-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 22.09.2012 09:24:50 | Computer Name = xxxx-PC | Source = acvpnagent | ID = 67108866
Description = Function: CTcpTransport::writeSocketBlocking File: .\IPC\SocketTransport.cpp
Line:
 1676 Invoked Function: WSASend Return Code: 10054 (0x00002746) Description: Eine vorhandene
 Verbindung wurde vom Remotehost geschlossen. 
 
Error - 22.09.2012 09:24:50 | Computer Name = xxxx-PC | Source = acvpnagent | ID = 67108866
Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp
Line:
 384 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31522805
 (0xFE1F000B) Description: SOCKETTRANSPORT_ERROR_WRITE
 
Error - 22.09.2012 14:17:32 | Computer Name = xxxx-PC | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 376 Invoked
 Function: IRunnable::Run Return Code: -32047093 (0xFE17000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE

 
Error - 22.09.2012 14:17:58 | Computer Name = xxxx-PC | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::getDARTInstallDir File: .\mainfrm.cpp Line: 4214
Invoked
 Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Es sind keine
 Daten mehr verfügbar. 
 
Error - 22.09.2012 14:17:59 | Computer Name = xxxx-PC | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
 1089 NULL object. Cannot establish a connection at this time.
 
Error - 22.09.2012 14:18:25 | Computer Name = xxxx-PC | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp
Line:
 1280 Invoked Function: WSAGetOverlappedResult Return Code: 10054 (0x00002746) Description:
 Eine vorhandene Verbindung wurde vom Remotehost geschlossen. 
 
Error - 22.09.2012 14:18:25 | Computer Name = xxxx-PC | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp
Line:
 1281 Invoked Function: WSARecv/WSARecvFrom Return Code: 0 (0x00000000) Description:
 unknown
 
Error - 22.09.2012 14:18:25 | Computer Name = xxxx-PC | Source = acvpnagent | ID = 67108866
Description = Function: CIpcTransport::OnSocketReadComplete File: .\IPC\IPCTransport.cpp
Line:
 873 Invoked Function: CSocketTransport::readSocket Return Code: -31522801 (0xFE1F000F)
Description:
 SOCKETTRANSPORT_ERROR_TRANSPORT_FAILURE
 
Error - 22.09.2012 14:18:25 | Computer Name = xxxx-PC | Source = acvpnagent | ID = 67108866
Description = Function: CIpcDepot::OnIpcMessageReceived File: .\IPC\IPCDepot.cpp Line:
 832 Invoked Function: CIpcTransport::OnSocketReadComplete Return Code: -31522801
(0xFE1F000F) Description: SOCKETTRANSPORT_ERROR_TRANSPORT_FAILURE
 
Error - 22.09.2012 14:18:25 | Computer Name = xxxx-PC | Source = acvpnagent | ID = 67108866
Description = Function: CTcpTransport::writeSocketBlocking File: .\IPC\SocketTransport.cpp
Line:
 1676 Invoked Function: WSASend Return Code: 10054 (0x00002746) Description: Eine vorhandene
 Verbindung wurde vom Remotehost geschlossen. 
 
[ System Events ]
Error - 14.02.2012 14:59:52 | Computer Name = xxxx-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 14.02.2012 14:59:52 | Computer Name = xxxx-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 14.02.2012 18:30:57 | Computer Name = xxxx-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 15.02.2012 13:26:22 | Computer Name = xxxx-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 15.02.2012 13:26:37 | Computer Name = xxxx-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 15.02.2012 13:26:37 | Computer Name = xxxx-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 16.02.2012 14:11:34 | Computer Name = xxxx-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 16.02.2012 14:12:39 | Computer Name = xxxx-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 16.02.2012 14:12:54 | Computer Name = xxxx-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 16.02.2012 14:12:54 | Computer Name = xxxx-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
 
< End of report >
Code:
Malwarebytes Anti-Malware (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.23.02

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
xxxx :: xxxx-PC [Administrator]

Schutz: Deaktiviert

23.09.2012 13:43:15
mbam-log-2012-09-23 (13-43-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 202207
Laufzeit: 1 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermoxxxx: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\xxxx\AppData\Local\Temp\wgsdgsdgdsgsd.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\lsass.exe (Trojan.Delf) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

cosinus 24.09.2012 11:40
Bitte erstmal routinemäßig einen Vollscan mit malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

buergi 26.09.2012 19:12
Hallo,

Danke, dass Du Dich meines Problems angenommen hast.
Hat wegen Arbeit und ewig dauernder scans leider ein bisschen gedauert.

Bevor die Frage kommt:
Rechner läuft wieder normal und nichts fehlt und keine leeren Ordner

Danke!

Hier sind die logs (Name durch xxxx ersetzt):

Malwarbytes:
Code:
Malwarebytes Anti-Malware (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.25.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
xxxx :: xxxx-PC [Administrator]

Schutz: Aktiviert

25.09.2012 08:17:23
mbam-log-2012-09-25 (17-58-35)_full.txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|G:\|H:\|I:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 1082429
Laufzeit: 8 Stunde(n), 47 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermoxxxx: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
I:\alt_eigene_Dat\program_files\SoftonicDownloader_fuer_directory-compare.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.

(Ende)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=87458dcfa76a434c811db637174cab3f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-26 05:22:45
# local_time=2012-09-26 07:22:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 12296888 12296888 0 0
# compatibility_mode=5893 16776574 100 94 45559553 100219511 0 0
# compatibility_mode=8192 67108863 100 0 188 188 0 0
# scanned=875651
# found=54
# cleaned=0
# scan_time=4104
C:\Users\xxxx\AppData\Local\Mozilla\Firefox\Profiles\uhewijt8.default\Cache\7\35\593F6d01        JS/Exploit.Pdfka.PRY trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\xxxx\AppData\Local\Temp\ICReinstall\cnet2_abcnbu_zip.exe        a variant of Win32/InstallCore.D application (unable to clean)        00000000000000000000000000000000        I
C:\Users\xxxx\AppData\Local\Temp\is1598539481\MyBabylonTB.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\13b50ff1-7901b12d        multiple threats (unable to clean)        00000000000000000000000000000000        I
C:\Users\xxxx\Downloads\cnet2_abcnbu_zip.exe        a variant of Win32/InstallCore.D application (unable to clean)        00000000000000000000000000000000        I
C:\Users\xxxx\Downloads\SciLorsGroovesharkcomDownloader.exe        a variant of Win32/Somoto.A application (unable to clean)        00000000000000000000000000000000        I
C:\Users\xxxx\Downloads\vlc-1.1.9-win32.exe        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\plugins\DEV9null.dll        probably a variant of Win32/Agent.NYQTMI trojan (unable to clean)        00000000000000000000000000000000        I
I:\alt_eigene_Dat\program_files\SoftonicDownloader_fuer_directory-compare.exe        a variant of Win32/SoftonicDownloader.A application (unable to clean)        00000000000000000000000000000000        I
I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC.zip        probably a variant of Win32/Agent.NYQTMI trojan (unable to clean)        00000000000000000000000000000000        I
I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\plugins\DEV9null.dll        probably a variant of Win32/Agent.NYQTMI trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-04-22 235536\Backup Files 2011-04-22 235536\Backup files 2.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-05-29 173218\Backup Files 2011-05-29 173218\Backup files 18.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-06-19 190001\Backup Files 2011-06-19 190001\Backup files 20.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-07-02 104640\Backup Files 2011-07-02 104640\Backup files 3.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-07-10 195002\Backup Files 2011-07-10 195002\Backup files 3.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-07-10 195002\Backup Files 2011-08-07 190002\Backup files 1.zip        HTML/Iframe.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-07-10 195002\Backup Files 2011-08-07 190002\Backup files 4.zip        multiple threats (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-07-10 195002\Backup Files 2011-08-07 190002\Backup files 5.zip        HTML/ScrInject.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-07-10 195002\Backup Files 2011-08-07 190002\Backup files 8.zip        HTML/ScrInject.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-08-14 220235\Backup Files 2011-08-14 220235\Backup files 10.zip        HTML/ScrInject.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-08-14 220235\Backup Files 2011-08-14 220235\Backup files 11.zip        HTML/ScrInject.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-08-14 220235\Backup Files 2011-08-14 220235\Backup files 17.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-08-14 220235\Backup Files 2011-08-14 220235\Backup files 3.zip        HTML/Iframe.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-08-14 220235\Backup Files 2011-08-14 220235\Backup files 6.zip        multiple threats (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-08-14 220235\Backup Files 2011-08-14 220235\Backup files 7.zip        HTML/ScrInject.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-08-14 220235\Backup Files 2011-08-28 195603\Backup files 10.zip        JS/Kryptik.DX trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-09-04 190012\Backup Files 2011-09-04 190012\Backup files 5.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-10-16 190002\Backup Files 2011-10-16 190002\Backup files 11.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-11-06 190002\Backup Files 2011-11-06 190002\Backup files 5.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-11-06 190002\Backup Files 2011-11-13 190002\Backup files 1.zip        JS/Agent.NEJ trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-11-06 190002\Backup Files 2011-11-13 190002\Backup files 2.zip        HTML/Iframe.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-11-06 190002\Backup Files 2011-11-13 190002\Backup files 3.zip        HTML/Iframe.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-12-11 190004\Backup Files 2011-12-11 190004\Backup files 14.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2011-12-11 190004\Backup Files 2012-01-01 192928\Backup files 1.zip        HTML/Fraud.BG trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-01-22 204700\Backup Files 2012-01-22 204700\Backup files 5.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-01-22 204700\Backup Files 2012-01-29 190012\Backup files 3.zip        JS/Kryptik.GM trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-01-22 204700\Backup Files 2012-03-18 190013\Backup files 10.zip        HTML/Iframe.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-01-22 204700\Backup Files 2012-03-18 190013\Backup files 16.zip        HTML/ScrInject.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-01-22 204700\Backup Files 2012-03-18 190013\Backup files 17.zip        HTML/Iframe.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-01-22 204700\Backup Files 2012-03-18 190013\Backup files 18.zip        HTML/ScrInject.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-01-22 204700\Backup Files 2012-03-18 190013\Backup files 20.zip        HTML/Iframe.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-01-22 204700\Backup Files 2012-03-18 190013\Backup files 6.zip        HTML/ScrInject.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-01-22 204700\Backup Files 2012-03-25 190014\Backup files 20.zip        JS/Kryptik.KP.Gen trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-01-22 204700\Backup Files 2012-03-25 190014\Backup files 6.zip        JS/Kryptik.KP.Gen trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-04-01 190003\Backup Files 2012-04-01 190003\Backup files 10.zip        Win32/StartPage.OIE trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-04-01 190003\Backup Files 2012-06-03 201426\Backup files 2.zip        JS/Kryptik.PB trojan (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-04-01 190003\Backup Files 2012-07-15 190013\Backup files 4.zip        multiple threats (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-04-01 190003\Backup Files 2012-07-22 223707\Backup files 2.zip        HTML/ScrInject.B.Gen virus (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-04-01 190003\Backup Files 2012-08-07 011410\Backup files 3.zip        a variant of Win32/InstallCore.D application (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-04-01 190003\Backup Files 2012-09-17 194311\Backup files 4.zip        a variant of Win32/Somoto.A application (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-09-24 181630\Backup Files 2012-09-24 181630\Backup files 17.zip        multiple threats (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-09-24 181630\Backup Files 2012-09-24 181630\Backup files 19.zip        multiple threats (unable to clean)        00000000000000000000000000000000        I
I:\xxxx-PC\Backup Set 2012-09-24 181630\Backup Files 2012-09-24 181630\Backup files 6.zip        JS/Exploit.Pdfka.PRY trojan (unable to clean)        00000000000000000000000000000000        I

cosinus 27.09.2012 15:20
Code:
C:\Users\xxxx\Downloads\vlc-1.1.9-win32.exe
Aus welcher Quelle hast du diesen VLC-Player?
Software lädt man sich von der Herstellerseite (notfalls gehen auch vertrauenswürdige Portale wie zB Chip.de), beim VLC-Player ist das nicht vlc.de! Die Heimat von VLC ist videolan.org

Code:
I:\alt_eigene_Dat\program_files\SoftonicDownloader_fuer_directory-compare.exe
Vermüllte Software von Softonic scheint gerade stark in Mode zu sein! :stirn:

Finger weg von Softonic!! :pfui:

Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller und nicht von solchen Toolbarklitschen wie Softonic! Im Notfall würde natürlich chip.de gehen


adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

buergi 28.09.2012 18:25
Hallo,

Woher ich den vlc-player habe, weiß ich leider nicht mehr.
Normalerweise kurz gegoogelt und von der erstbesten Quelle runtergeladen.
Jetzt wird mir klar, dass ich das besser ändern und in Zukunft anders machen sollte..

Hier ist der Adw log (Name durch xxxx ersetzt):

Code:
# AdwCleaner v2.003 - Datei am 09/28/2012 um 19:15:48 erstellt
# Aktualisiert am 23/09/2012 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzer : xxxx - xxxx-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\xxxx\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Users\xxxx\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\xxxx\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\xxxx\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default
Datei : C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\uhewijt8.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1545 octets] - [28/09/2012 19:15:48]

########## EOF - C:\AdwCleaner[R1].txt - [1605 octets] ##########

cosinus 28.09.2012 19:44
adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

buergi 28.09.2012 20:21
Hier ist der Inhalt der Logdatei:

Code:
# AdwCleaner v2.003 - Datei am 09/28/2012 um 21:15:56 erstellt
# Aktualisiert am 23/09/2012 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzer : xxxx - xxxx-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\xxxx\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\xxxx\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\xxxx\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\xxxx\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Wiederhergestellt : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (de)

Profilname : default
Datei : C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\uhewijt8.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1670 octets] - [28/09/2012 19:15:48]
AdwCleaner[S1].txt - [1969 octets] - [28/09/2012 21:15:56]

########## EOF - C:\AdwCleaner[S1].txt - [2029 octets] ##########

cosinus 28.09.2012 20:46
Hätte da mal zwei Fragen bevor es weiter geht (wir sind noch nicht fertig!)

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

buergi 28.09.2012 21:32
Windows läuft seit dem Malwarebytes wieder ganz normal.
Im Startmenü ist, soweit ich das übeblicken kann, alles da!

cosinus 28.09.2012 21:33
Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log
CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

buergi 30.09.2012 22:34
ok, hier das OTL-log.
Danke, wieder im Voraus!

OTL Logfile:
Code:
OTL logfile created on: 30.09.2012 22:37:48 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\xxxx\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 53,29% Memory free
6,50 Gb Paging File | 3,92 Gb Available in Paging File | 60,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 841,32 Gb Free Space | 90,32% Space Free | Partition Type: NTFS
Drive E: | 49,36 Gb Total Space | 4,36 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 71,69 Mb Free Space | 71,69% Space Free | Partition Type: NTFS
Drive G: | 323,25 Gb Total Space | 108,57 Gb Free Space | 33,59% Space Free | Partition Type: NTFS
Drive H: | 420,60 Gb Total Space | 267,86 Gb Free Space | 63,68% Space Free | Partition Type: NTFS
Drive I: | 976,56 Gb Total Space | 267,80 Gb Free Space | 27,42% Space Free | Partition Type: NTFS
Drive J: | 29,71 Gb Total Space | 16,65 Gb Free Space | 56,05% Space Free | Partition Type: FAT32
 
Computer Name: xxxx-PC | User Name: xxxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.30 22:35:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxxx\Desktop\OTL.exe
PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamschexxxxr.exe
PRC - [2012.09.07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.08.23 19:19:23 | 001,193,176 | ---- | M] () -- C:\Users\xxxx\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012.08.14 19:41:18 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.08.10 18:59:52 | 004,440,896 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\xxxx\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.05.16 15:44:58 | 001,084,840 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.05.08 18:31:35 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 18:31:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.04.22 13:50:32 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.12.02 23:32:44 | 000,226,816 | ---- | M] (Unified Remote) -- C:\Program Files (x86)\Unified Remote\RemoteServer.exe
PRC - [2011.11.06 22:57:04 | 005,505,536 | ---- | M] (Steven Mayall) -- C:\Program Files (x86)\MusicBee\MusicBee.exe
PRC - [2011.09.09 18:09:37 | 000,523,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2011.09.09 18:08:54 | 000,475,088 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2011.06.20 18:05:30 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
PRC - [2011.03.31 16:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010.11.24 22:33:26 | 000,921,600 | ---- | M] () -- C:\ProgramData\TVersity\Media Server\MediaServer.exe
PRC - [2010.09.15 10:11:22 | 000,339,312 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
 
 
========== Moxxxxs (No Company Name) ==========
 
MOD - [2012.08.23 19:19:23 | 001,193,176 | ---- | M] () -- C:\Users\xxxx\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012.06.17 10:44:11 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012.06.17 10:43:36 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll
MOD - [2012.06.17 10:28:53 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.06.17 10:28:26 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.17 10:28:18 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.14 23:41:14 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012.06.14 23:41:06 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012.05.16 15:45:56 | 000,276,392 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.05.16 15:45:40 | 002,652,584 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.05.16 15:45:40 | 000,363,944 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.05.16 15:45:38 | 011,166,120 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.05.16 15:45:36 | 001,346,472 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.05.16 15:45:36 | 000,205,736 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.05.16 15:45:34 | 001,013,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.05.16 15:45:34 | 000,720,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.05.16 15:45:32 | 008,506,280 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.05.16 15:45:32 | 000,520,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.05.16 15:45:30 | 002,480,552 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.05.16 15:45:30 | 002,353,576 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.05.16 15:45:28 | 000,445,864 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.05.16 15:45:22 | 000,206,760 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
MOD - [2012.05.16 15:45:22 | 000,035,240 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
MOD - [2012.05.16 15:45:20 | 000,032,680 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
MOD - [2012.05.16 15:44:54 | 000,437,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
MOD - [2012.05.16 15:44:16 | 000,604,072 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.05.16 13:46:28 | 000,391,056 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.05.16 13:46:28 | 000,059,280 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.05.16 13:45:30 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2012.05.11 17:45:19 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll
MOD - [2012.05.11 17:43:27 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
MOD - [2012.05.11 17:40:46 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll
MOD - [2012.05.11 17:38:29 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.11 17:37:38 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.11 17:37:34 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.11 17:37:33 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.11 17:37:26 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.05.11 00:01:02 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012.05.11 00:00:58 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012.05.11 00:00:55 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012.05.11 00:00:51 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012.05.11 00:00:44 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012.05.11 00:00:38 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2011.06.20 18:05:30 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
MOD - [2011.06.15 15:07:10 | 002,293,248 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\QtCore4.dll
MOD - [2011.03.30 12:46:40 | 000,416,256 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\plugins\sqldrivers\qsqlite4.dll
MOD - [2011.03.30 09:16:34 | 008,173,568 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\QtGui4.dll
MOD - [2011.03.30 08:59:40 | 000,191,488 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\QtSql4.dll
MOD - [2010.11.21 08:21:24 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.11.21 05:24:01 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.08.18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.10 21:44:12 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012.09.07 21:16:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamschexxxxr.exe -- (MBAMSchexxxxr)
SRV - [2012.05.08 18:31:35 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchexxxxrService)
SRV - [2012.05.08 18:31:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.09.09 18:08:54 | 000,475,088 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2011.08.01 18:24:00 | 003,889,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011.03.31 16:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010.11.24 22:33:26 | 000,921,600 | ---- | M] () [Auto | Running] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.05.08 18:31:35 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 18:31:35 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.22 13:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.09.09 18:00:05 | 000,026,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2011.09.09 17:59:19 | 000,106,408 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2009.11.01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.08.18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.01.19 06:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.01 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hiergehtslos.de
IE - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:1.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 21:16:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 21:16:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.06.10 12:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\Extensions
[2012.06.10 12:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012.09.15 08:43:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\Firefox\Profiles\uhewijt8.default\extensions
[2012.08.27 18:18:59 | 000,167,303 | ---- | M] () (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\uhewijt8.default\extensions\jid1-0FHdJAAQ7Nb73Q@jetpack.xpi
[2012.03.31 18:08:23 | 000,129,384 | ---- | M] () (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\uhewijt8.default\extensions\SciLorsGrooveUnlocker@scilor.com.xpi
[2012.09.15 08:43:13 | 000,270,876 | ---- | M] () (No name found) -- C:\Users\xxxx\AppData\Roaming\mozilla\firefox\profiles\uhewijt8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012.09.07 21:16:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.07 21:16:40 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.08 09:09:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 17:49:04 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.08 09:09:29 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.08 09:09:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.08 09:09:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.08 09:09:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.05.06 10:25:02 | 000,000,893 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000..\Run: []  File not found
O4 - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000..\Run: [Akamai NetSession Interface] C:\Users\xxxx\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000..\Run: [phonostarTimer] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe ()
O4 - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000..\Run: [Spotify Web Helper] C:\Users\xxxx\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000..\Run: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe (Unified Remote)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{992F9A60-2520-4B78-8219-E071AE899109}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\haufereader - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\haufereader - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.07.01 16:48:10 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8ba7debf-6c33-11e0-94cf-002522896cc3}\Shell - "" = AutoRun
O33 - MountPoints2\{8ba7debf-6c33-11e0-94cf-002522896cc3}\Shell\AutoRun\command - "" = J:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^Users^xxxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig:64bit - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files (x86)\Winamp\winampa.exe ()
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.30 22:35:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xxxx\Desktop\OTL.exe
[2012.09.25 18:11:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.09.25 18:10:28 | 002,322,184 | ---- | C] (ESET) -- C:\Users\xxxx\Desktop\esetsmartinstaller_enu.exe
[2012.09.24 18:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.09.24 18:22:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.09.23 13:42:02 | 000,000,000 | ---D | C] -- C:\Users\xxxx\AppData\Roaming\Malwarebytes
[2012.09.23 13:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.23 13:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.23 13:41:35 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.23 13:41:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.23 13:38:35 | 010,524,080 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\xxxx\Desktop\mbam-setup-1.65.0.1400.exe
[2012.09.14 19:45:55 | 000,000,000 | ---D | C] -- C:\Users\xxxx\AppData\Local\roomeon
[2012.09.14 19:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon 3D-Planer
[2012.09.14 19:45:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\roomeon GmbH
[2012.09.07 21:16:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.30 22:35:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxxx\Desktop\OTL.exe
[2012.09.30 22:23:41 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.30 22:23:41 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.30 22:23:41 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.30 22:23:41 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.30 22:23:41 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.30 22:05:03 | 000,000,040 | ---- | M] () -- C:\Users\xxxx\AppData\Roaming\cdr.ini
[2012.09.30 22:05:02 | 000,001,008 | ---- | M] () -- C:\Users\xxxx\Desktop\Free CD to MP3 Converter.lnk
[2012.09.30 21:42:51 | 000,002,238 | ---- | M] () -- C:\Users\xxxx\Desktop\Free Audio Converter.lnk
[2012.09.30 21:16:38 | 000,019,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.30 21:16:38 | 000,019,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.30 21:03:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.30 21:03:33 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.28 19:13:50 | 000,513,501 | ---- | M] () -- C:\Users\xxxx\Desktop\adwcleaner.exe
[2012.09.25 18:10:30 | 002,322,184 | ---- | M] (ESET) -- C:\Users\xxxx\Desktop\esetsmartinstaller_enu.exe
[2012.09.23 13:41:36 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.23 13:38:35 | 010,524,080 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\xxxx\Desktop\mbam-setup-1.65.0.1400.exe
[2012.09.23 12:17:21 | 000,000,000 | ---- | M] () -- C:\Users\xxxx\defogger_reenable
[2012.09.23 12:13:43 | 000,050,477 | ---- | M] () -- C:\Users\xxxx\Desktop\Defogger.exe
[2012.09.22 20:17:53 | 083,023,306 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.09.22 12:04:46 | 000,011,776 | ---- | M] () -- C:\Users\xxxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.01 06:41:55 | 417,261,835 | ---- | M] () -- C:\Windows\MEMORY.DMP
 
========== Files Created - No Company Name ==========
 
[2012.09.28 19:13:49 | 000,513,501 | ---- | C] () -- C:\Users\xxxx\Desktop\adwcleaner.exe
[2012.09.23 13:41:36 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.23 12:17:21 | 000,000,000 | ---- | C] () -- C:\Users\xxxx\defogger_reenable
[2012.09.23 12:13:42 | 000,050,477 | ---- | C] () -- C:\Users\xxxx\Desktop\Defogger.exe
[2012.09.22 14:20:16 | 083,023,306 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.04.06 00:28:43 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI
[2011.12.12 00:17:38 | 000,003,460 | ---- | C] () -- C:\Users\xxxx\.recently-used.xbel
[2011.08.07 20:43:47 | 000,011,776 | ---- | C] () -- C:\Users\xxxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.17 17:13:27 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.04.17 16:12:13 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\pxhpinst.exe
[2011.04.17 16:11:58 | 000,001,125 | ---- | C] () -- C:\Windows\winamp.ini
[2011.04.16 23:31:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.01.21 12:30:06 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.04.28 18:06:38 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\aicon
[2011.11.13 13:12:05 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\calibre
[2011.05.17 21:10:02 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Canneverbe Limited
[2011.09.23 19:32:51 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Dexpot
[2012.09.30 21:05:00 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Dropbox
[2011.06.02 19:55:17 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Engelmann Media
[2011.06.01 00:40:19 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\FileZilla
[2011.12.12 00:17:38 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\gtk-2.0
[2012.06.10 12:54:27 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Haufe Mediengruppe
[2011.08.06 08:46:11 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\HTC
[2012.04.13 12:56:56 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011.07.07 23:20:45 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\IrfanView
[2011.04.22 10:12:21 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Juan M. Aguirregabiria
[2012.06.10 12:44:43 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Lexware
[2011.05.07 12:47:19 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Mp3tag
[2011.07.07 23:20:44 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\MusicBee
[2012.01.02 18:51:01 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\MyPhoneExplorer
[2012.09.30 23:02:07 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\NetSpeedMonitor
[2012.07.27 22:08:41 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Nokia
[2012.07.27 22:08:08 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Nokia Suite
[2012.07.27 22:06:40 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\PC Suite
[2011.12.03 12:01:47 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\phonostar GmbH
[2011.11.07 20:37:04 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Rainmeter
[2011.10.25 22:23:49 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Simfy
[2012.09.14 23:54:47 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Spotify
[2012.05.12 00:51:00 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.01.03 16:17:36 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Teeworlds
[2012.01.10 09:49:34 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Unified Remote
[2012.09.22 01:11:18 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.09.28 22:27:57 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Adobe
[2011.04.28 18:06:38 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\aicon
[2012.05.06 10:31:45 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Avira
[2011.11.13 13:12:05 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\calibre
[2011.05.17 21:10:02 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Canneverbe Limited
[2011.09.23 19:32:51 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Dexpot
[2012.09.30 21:05:00 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Dropbox
[2011.06.02 19:55:17 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Engelmann Media
[2011.06.01 00:40:19 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\FileZilla
[2011.12.12 00:17:38 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\gtk-2.0
[2012.06.10 12:54:27 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Haufe Mediengruppe
[2011.08.06 08:46:11 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\HTC
[2012.04.13 12:56:56 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011.04.16 23:37:52 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Identities
[2011.06.10 00:15:25 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Intelli-studio
[2011.07.07 23:20:45 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\IrfanView
[2011.04.22 10:12:21 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Juan M. Aguirregabiria
[2012.06.10 12:44:43 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Lexware
[2011.04.17 11:12:52 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Macromedia
[2012.09.23 13:42:02 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Malwarebytes
[2010.11.21 08:28:37 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Media Center Programs
[2011.11.20 13:05:23 | 000,000,000 | --SD | M] -- C:\Users\xxxx\AppData\Roaming\Microsoft
[2011.04.17 10:47:12 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Mozilla
[2011.05.07 12:47:19 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Mp3tag
[2011.07.07 23:20:44 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\MusicBee
[2012.01.02 18:51:01 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\MyPhoneExplorer
[2012.09.30 23:02:07 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\NetSpeedMonitor
[2012.07.27 22:08:41 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Nokia
[2012.07.27 22:08:08 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Nokia Suite
[2012.07.27 22:06:40 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\PC Suite
[2011.12.03 12:01:47 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\phonostar GmbH
[2011.11.07 20:37:04 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Rainmeter
[2011.10.25 22:23:49 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Simfy
[2012.09.14 23:54:47 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Spotify
[2012.05.12 00:51:00 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.01.03 16:17:36 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Teeworlds
[2012.02.05 02:13:23 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\tor
[2012.01.10 09:49:34 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Unified Remote
[2012.09.22 01:11:18 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\uTorrent
[2012.02.05 03:47:09 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\Vidalia
[2012.09.22 11:40:00 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\vlc
[2011.04.23 00:17:26 | 000,000,000 | ---D | M] -- C:\Users\xxxx\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2011.08.05 11:59:28 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\xxxx\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.08.23 19:19:23 | 005,576,408 | ---- | M] (Spotify Ltd) -- C:\Users\xxxx\AppData\Roaming\Spotify\spotify.exe
[2012.08.23 19:19:23 | 000,114,904 | ---- | M] () -- C:\Users\xxxx\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2012.08.23 19:19:23 | 001,193,176 | ---- | M] () -- C:\Users\xxxx\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< End of report >
--- --- ---
[/code]

cosinus 01.10.2012 13:20
Hast du OTL wirklich neu runtergeladen?
Weil wir sind jetzt schon bei Version 3.2.70.0 - aber ich weiß nicht, ob diese Version schon gestern oder erst heute rauskam

buergi 01.10.2012 21:39
Hallo,
Habe OTL neu runtergeladen.
Allerdings am Sonntag abend.
Ich kann den scan, wenn nötig, morgen abend mit einer neueren version nochmal machen.

cosinus 02.10.2012 14:47
Vergiss diese Version, die hatte eh einen Bug :(
Jetzt aktuell ist 3.2.70.1

Ich schau mir erstmal dein zuletzt gepostetes an


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:
:OTL
FF - user.js - File not found
IE - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
O3 - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O4 - HKU\S-1-5-21-3520745990-2397459756-1707785564-1000..\Run: []  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.07.01 16:48:10 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8ba7debf-6c33-11e0-94cf-002522896cc3}\Shell - "" = AutoRun
O33 - MountPoints2\{8ba7debf-6c33-11e0-94cf-002522896cc3}\Shell\AutoRun\command - "" = J:\iStudio.exe
:Files
C:\ProgramData\*.pad
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache
C:\Users\xxxx\Downloads\cnet2_abcnbu_zip.exe
C:\Users\xxxx\Downloads\SciLorsGroovesharkcomDownloader.exe
C:\Users\xxxx\Downloads\vlc-1.1.9-win32.exe
G:\zock\old_school_emulatoren\PS2.Emulator.For.PC
I:\alt_eigene_Dat\program_files\SoftonicDownloader_fuer_directory-compare.exe
I:\backup_E\zock\old_school_emulatoren\PS2*
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

buergi 03.10.2012 12:08
hier ist das logfile nach dem Fix.
Ist das alles ok?

Code:
All processes killed
========== OTL ==========
HKU\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}\ not found.
Registry value HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableCAD deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\HideFastUserSwitching deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
E:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ba7debf-6c33-11e0-94cf-002522896cc3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ba7debf-6c33-11e0-94cf-002522896cc3}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ba7debf-6c33-11e0-94cf-002522896cc3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ba7debf-6c33-11e0-94cf-002522896cc3}\ not found.
File J:\iStudio.exe not found.
========== FILES ==========
C:\ProgramData\dsgsdgdsgdsgw.pad moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
Folder move failed. C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 schexxxxd to be moved on reboot.
Folder move failed. C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache schexxxxd to be moved on reboot.
C:\Users\xxxx\Downloads\cnet2_abcnbu_zip.exe moved successfully.
C:\Users\xxxx\Downloads\SciLorsGroovesharkcomDownloader.exe moved successfully.
C:\Users\xxxx\Downloads\vlc-1.1.9-win32.exe moved successfully.
G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\snap folder moved successfully.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\plugins schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\patches schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs schexxxxd to be moved on reboot.
G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\host folder moved successfully.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Docs schexxxxd to be moved on reboot.
G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\bios folder moved successfully.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6 schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC schexxxxd to be moved on reboot.
I:\alt_eigene_Dat\program_files\SoftonicDownloader_fuer_directory-compare.exe moved successfully.
I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\snap folder moved successfully.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\plugins schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\patches schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs schexxxxd to be moved on reboot.
I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\host folder moved successfully.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Docs schexxxxd to be moved on reboot.
I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\bios folder moved successfully.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6 schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC schexxxxd to be moved on reboot.
I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC.zip moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\xxxx\Desktop\cmd.bat deleted successfully.
C:\Users\xxxx\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: xxxx
->Temp folder emptied: 969116559 bytes
->Temporary Internet Files folder emptied: 107544501 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 1100034386 bytes
->Flash cache emptied: 257949 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 303489478 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36048861 bytes
RecycleBin emptied: 1203712 bytes
 
Total Files Cleaned = 2.401,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.70.1 log created on 10032012_111903

Files\Folders moved on Reboot...
File\Folder C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 not found!
C:\Users\xxxx\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\plugins schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\patches schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Docs schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\plugins schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\patches schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Docs schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6 schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\plugins schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\patches schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Docs schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6 schexxxxd to be moved on reboot.
Folder move failed. G:\zock\old_school_emulatoren\PS2.Emulator.For.PC schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\plugins schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\patches schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Docs schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\plugins schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\patches schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Docs schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6 schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\plugins schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\patches schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\tr schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ro schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\nl schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ja schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\it schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\fr schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\es schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\el schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\de schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\ca schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\LC_MESSAGES schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg\CVS schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs\bg schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Langs schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6\Docs schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC\pcsx2_0.6 schexxxxd to be moved on reboot.
Folder move failed. I:\backup_E\zock\old_school_emulatoren\PS2.Emulator.For.PC schexxxxd to be moved on reboot.
C:\Users\xxxx\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

cosinus 03.10.2012 19:13
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

buergi 03.10.2012 22:04
ok, hier das nächste logfile..

Vielen Dank!

Code:
22:53:38.0377 4880  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
22:53:38.0529 4880  ============================================================
22:53:38.0529 4880  Current date / time: 2012/10/03 22:53:38.0529
22:53:38.0529 4880  SystemInfo:
22:53:38.0529 4880 
22:53:38.0529 4880  OS Version: 6.1.7601 ServicePack: 1.0
22:53:38.0529 4880  Product type: Workstation
22:53:38.0529 4880  ComputerName: xxxx-PC
22:53:38.0530 4880  UserName: xxxx
22:53:38.0530 4880  Windows directory: C:\Windows
22:53:38.0530 4880  System windows directory: C:\Windows
22:53:38.0530 4880  Running under WOW64
22:53:38.0530 4880  Processor architecture: Intel x64
22:53:38.0530 4880  Number of processors: 2
22:53:38.0530 4880  Page size: 0x1000
22:53:38.0530 4880  Boot type: Normal boot
22:53:38.0530 4880  ============================================================
22:53:39.0392 4880  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x700FC, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
22:53:39.0795 4880  Drive \Device\Harddisk2\DR2 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0xE596D, SectorsPerTrack: 0x13, TracksPerCylinder: 0xA4, Type 'K0', Flags 0x00000040
22:53:39.0796 4880  Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:53:39.0800 4880  ============================================================
22:53:39.0800 4880  \Device\Harddisk1\DR1:
22:53:39.0801 4880  MBR partitions:
22:53:39.0801 4880  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x13, BlocksNum 0x74705D6D
22:53:39.0801 4880  \Device\Harddisk2\DR2:
22:53:39.0801 4880  MBR partitions:
22:53:39.0801 4880  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:53:39.0801 4880  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x34934800
22:53:39.0801 4880  \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x34967000, BlocksNum 0x7A120000
22:53:39.0801 4880  \Device\Harddisk0\DR0:
22:53:39.0801 4880  MBR partitions:
22:53:39.0801 4880  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x62B7DB1
22:53:39.0801 4880  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x62BA22C, BlocksNum 0x2867DA95
22:53:39.0801 4880  ============================================================
22:53:39.0824 4880  C: <-> \Device\Harddisk1\DR1\Partition1
22:53:39.0844 4880  E: <-> \Device\Harddisk0\DR0\Partition1
22:53:39.0853 4880  F: <-> \Device\Harddisk2\DR2\Partition1
22:53:39.0882 4880  G: <-> \Device\Harddisk0\DR0\Partition2
22:53:39.0906 4880  H: <-> \Device\Harddisk2\DR2\Partition2
22:53:39.0935 4880  I: <-> \Device\Harddisk2\DR2\Partition3
22:53:39.0935 4880  ============================================================
22:53:39.0936 4880  Initialize success
22:53:39.0936 4880  ============================================================
22:54:44.0002 2780  ============================================================
22:54:44.0002 2780  Scan started
22:54:44.0002 2780  Mode: Manual; SigCheck; TDLFS;
22:54:44.0002 2780  ============================================================
22:54:45.0169 2780  ================ Scan system memory ========================
22:54:45.0169 2780  System memory - ok
22:54:45.0169 2780  ================ Scan services =============================
22:54:45.0297 2780  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:54:45.0397 2780  1394ohci - ok
22:54:45.0418 2780  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:54:45.0436 2780  ACPI - ok
22:54:45.0454 2780  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
22:54:45.0517 2780  AcpiPmi - ok
22:54:45.0567 2780  [ E42F90B27BDDDD611FA7040AFD256FDA ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
22:54:45.0585 2780  acsock - ok
22:54:45.0713 2780  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
22:54:45.0733 2780  adp94xx - ok
22:54:45.0754 2780  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
22:54:45.0770 2780  adpahci - ok
22:54:45.0790 2780  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
22:54:45.0802 2780  adpu320 - ok
22:54:45.0822 2780  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
22:54:45.0917 2780  AeLookupSvc - ok
22:54:45.0962 2780  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
22:54:46.0013 2780  AFD - ok
22:54:46.0027 2780  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:54:46.0039 2780  agp440 - ok
22:54:46.0314 2780  [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll
22:54:46.0314 2780  Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
22:54:46.0326 2780  Akamai ( HiddenFile.Multi.Generic ) - warning
22:54:46.0326 2780  Akamai - detected HiddenFile.Multi.Generic (1)
22:54:46.0349 2780  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
22:54:46.0398 2780  ALG - ok
22:54:46.0422 2780  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:54:46.0435 2780  aliide - ok
22:54:46.0483 2780  [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:54:46.0546 2780  AMD External Events Utility - ok
22:54:46.0578 2780  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
22:54:46.0588 2780  amdide - ok
22:54:46.0616 2780  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
22:54:46.0645 2780  AmdK8 - ok
22:54:46.0651 2780  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:54:46.0668 2780  AmdPPM - ok
22:54:46.0708 2780  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
22:54:46.0719 2780  amdsata - ok
22:54:46.0749 2780  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:54:46.0763 2780  amdsbs - ok
22:54:46.0779 2780  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
22:54:46.0790 2780  amdxata - ok
22:54:46.0833 2780  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchexxxxrService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:54:46.0844 2780  AntiVirSchexxxxrService - ok
22:54:46.0875 2780  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:54:46.0886 2780  AntiVirService - ok
22:54:46.0913 2780  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
22:54:47.0014 2780  AppID - ok
22:54:47.0030 2780  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:54:47.0083 2780  AppIDSvc - ok
22:54:47.0118 2780  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\Windows\System32\appinfo.dll
22:54:47.0168 2780  Appinfo - ok
22:54:47.0202 2780  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt        C:\Windows\System32\appmgmts.dll
22:54:47.0229 2780  AppMgmt - ok
22:54:47.0254 2780  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\drivers\arc.sys
22:54:47.0266 2780  arc - ok
22:54:47.0272 2780  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:54:47.0285 2780  arcsas - ok
22:54:47.0311 2780  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:54:47.0369 2780  AsyncMac - ok
22:54:47.0375 2780  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
22:54:47.0385 2780  atapi - ok
22:54:47.0476 2780  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:54:47.0592 2780  atikmdag - ok
22:54:47.0634 2780  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:54:47.0701 2780  AudioEndpointBuilder - ok
22:54:47.0711 2780  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:54:47.0751 2780  AudioSrv - ok
22:54:47.0790 2780  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
22:54:47.0801 2780  avgntflt - ok
22:54:47.0838 2780  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
22:54:47.0850 2780  avipbb - ok
22:54:47.0869 2780  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
22:54:47.0878 2780  avkmgr - ok
22:54:47.0898 2780  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:54:47.0968 2780  AxInstSV - ok
22:54:48.0000 2780  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
22:54:48.0037 2780  b06bdrv - ok
22:54:48.0069 2780  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:54:48.0104 2780  b57nd60a - ok
22:54:48.0139 2780  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:54:48.0169 2780  BDESVC - ok
22:54:48.0195 2780  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:54:48.0245 2780  Beep - ok
22:54:48.0286 2780  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
22:54:48.0330 2780  BFE - ok
22:54:48.0365 2780  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
22:54:48.0433 2780  BITS - ok
22:54:48.0464 2780  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:54:48.0493 2780  blbdrive - ok
22:54:48.0528 2780  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:54:48.0572 2780  bowser - ok
22:54:48.0583 2780  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:54:48.0609 2780  BrFiltLo - ok
22:54:48.0627 2780  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:54:48.0641 2780  BrFiltUp - ok
22:54:48.0667 2780  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
22:54:48.0680 2780  Browser - ok
22:54:48.0688 2780  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
22:54:48.0720 2780  Brserid - ok
22:54:48.0744 2780  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:54:48.0775 2780  BrSerWdm - ok
22:54:48.0796 2780  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:54:48.0826 2780  BrUsbMdm - ok
22:54:48.0851 2780  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:54:48.0863 2780  BrUsbSer - ok
22:54:48.0878 2780  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:54:48.0893 2780  BTHMODEM - ok
22:54:48.0913 2780  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
22:54:48.0949 2780  bthserv - ok
22:54:48.0963 2780  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:54:49.0012 2780  cdfs - ok
22:54:49.0041 2780  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
22:54:49.0054 2780  cdrom - ok
22:54:49.0072 2780  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
22:54:49.0124 2780  CertPropSvc - ok
22:54:49.0142 2780  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
22:54:49.0157 2780  circlass - ok
22:54:49.0185 2780  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
22:54:49.0204 2780  CLFS - ok
22:54:49.0262 2780  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:54:49.0274 2780  clr_optimization_v2.0.50727_32 - ok
22:54:49.0320 2780  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:54:49.0332 2780  clr_optimization_v2.0.50727_64 - ok
22:54:49.0396 2780  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:54:49.0415 2780  clr_optimization_v4.0.30319_32 - ok
22:54:49.0432 2780  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:54:49.0443 2780  clr_optimization_v4.0.30319_64 - ok
22:54:49.0457 2780  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
22:54:49.0484 2780  CmBatt - ok
22:54:49.0500 2780  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:54:49.0511 2780  cmdide - ok
22:54:49.0541 2780  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
22:54:49.0567 2780  CNG - ok
22:54:49.0582 2780  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:54:49.0593 2780  Compbatt - ok
22:54:49.0613 2780  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:54:49.0643 2780  CompositeBus - ok
22:54:49.0659 2780  COMSysApp - ok
22:54:49.0666 2780  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
22:54:49.0677 2780  crcdisk - ok
22:54:49.0708 2780  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:54:49.0750 2780  CryptSvc - ok
22:54:49.0774 2780  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC            C:\Windows\system32\drivers\csc.sys
22:54:49.0820 2780  CSC - ok
22:54:49.0841 2780  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
22:54:49.0876 2780  CscService - ok
22:54:49.0918 2780  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:54:49.0978 2780  DcomLaunch - ok
22:54:50.0013 2780  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
22:54:50.0053 2780  defragsvc - ok
22:54:50.0083 2780  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:54:50.0136 2780  DfsC - ok
22:54:50.0157 2780  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:54:50.0218 2780  Dhcp - ok
22:54:50.0245 2780  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
22:54:50.0295 2780  discache - ok
22:54:50.0325 2780  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
22:54:50.0337 2780  Disk - ok
22:54:50.0348 2780  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
22:54:50.0379 2780  dmvsc - ok
22:54:50.0410 2780  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:54:50.0444 2780  Dnscache - ok
22:54:50.0469 2780  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
22:54:50.0522 2780  dot3svc - ok
22:54:50.0546 2780  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
22:54:50.0599 2780  DPS - ok
22:54:50.0647 2780  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
22:54:50.0677 2780  drmkaud - ok
22:54:50.0750 2780  dump_wmimmc - ok
22:54:50.0782 2780  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
22:54:50.0810 2780  DXGKrnl - ok
22:54:50.0824 2780  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
22:54:50.0860 2780  EapHost - ok
22:54:50.0919 2780  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\drivers\evbda.sys
22:54:50.0996 2780  ebdrv - ok
22:54:51.0030 2780  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
22:54:51.0056 2780  EFS - ok
22:54:51.0107 2780  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
22:54:51.0129 2780  ehRecvr - ok
22:54:51.0134 2780  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
22:54:51.0166 2780  ehSched - ok
22:54:51.0195 2780  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
22:54:51.0214 2780  elxstor - ok
22:54:51.0227 2780  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:54:51.0258 2780  ErrDev - ok
22:54:51.0315 2780  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
22:54:51.0371 2780  EventSystem - ok
22:54:51.0393 2780  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
22:54:51.0430 2780  exfat - ok
22:54:51.0445 2780  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
22:54:51.0482 2780  fastfat - ok
22:54:51.0509 2780  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
22:54:51.0546 2780  Fax - ok
22:54:51.0565 2780  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\drivers\fdc.sys
22:54:51.0588 2780  fdc - ok
22:54:51.0613 2780  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
22:54:51.0664 2780  fdPHost - ok
22:54:51.0685 2780  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:54:51.0738 2780  FDResPub - ok
22:54:51.0757 2780  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:54:51.0769 2780  FileInfo - ok
22:54:51.0795 2780  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
22:54:51.0847 2780  Filetrace - ok
22:54:51.0871 2780  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:54:51.0882 2780  flpydisk - ok
22:54:51.0899 2780  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:54:51.0916 2780  FltMgr - ok
22:54:51.0957 2780  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache      C:\Windows\system32\FntCache.dll
22:54:51.0984 2780  FontCache - ok
22:54:52.0036 2780  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:54:52.0045 2780  FontCache3.0.0.0 - ok
22:54:52.0056 2780  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
22:54:52.0068 2780  FsDepends - ok
22:54:52.0092 2780  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:54:52.0103 2780  Fs_Rec - ok
22:54:52.0131 2780  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:54:52.0149 2780  fvevol - ok
22:54:52.0165 2780  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:54:52.0177 2780  gagp30kx - ok
22:54:52.0208 2780  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
22:54:52.0250 2780  gpsvc - ok
22:54:52.0264 2780  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:54:52.0297 2780  hcw85cir - ok
22:54:52.0354 2780  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:54:52.0386 2780  HdAudAddService - ok
22:54:52.0411 2780  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:54:52.0440 2780  HDAudBus - ok
22:54:52.0445 2780  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
22:54:52.0465 2780  HidBatt - ok
22:54:52.0485 2780  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:54:52.0500 2780  HidBth - ok
22:54:52.0505 2780  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\drivers\hidir.sys
22:54:52.0520 2780  HidIr - ok
22:54:52.0533 2780  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
22:54:52.0584 2780  hidserv - ok
22:54:52.0617 2780  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:54:52.0628 2780  HidUsb - ok
22:54:52.0653 2780  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:54:52.0708 2780  hkmsvc - ok
22:54:52.0732 2780  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:54:52.0747 2780  HomeGroupListener - ok
22:54:52.0767 2780  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:54:52.0797 2780  HomeGroupProvider - ok
22:54:52.0821 2780  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:54:52.0833 2780  HpSAMD - ok
22:54:52.0866 2780  [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
22:54:52.0899 2780  HTCAND64 - ok
22:54:52.0964 2780  [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
22:54:52.0974 2780  htcnprot - ok
22:54:53.0007 2780  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:54:53.0065 2780  HTTP - ok
22:54:53.0083 2780  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:54:53.0094 2780  hwpolicy - ok
22:54:53.0106 2780  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:54:53.0120 2780  i8042prt - ok
22:54:53.0150 2780  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
22:54:53.0168 2780  iaStorV - ok
22:54:53.0240 2780  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:54:53.0246 2780  IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:54:53.0246 2780  IDriverT - detected UnsignedFile.Multi.Generic (1)
22:54:53.0274 2780  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:54:53.0299 2780  idsvc - ok
22:54:53.0338 2780  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
22:54:53.0350 2780  iirsp - ok
22:54:53.0383 2780  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:54:53.0445 2780  IKEEXT - ok
22:54:53.0470 2780  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
22:54:53.0481 2780  intelide - ok
22:54:53.0502 2780  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
22:54:53.0533 2780  intelppm - ok
22:54:53.0555 2780  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
22:54:53.0606 2780  IPBusEnum - ok
22:54:53.0613 2780  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:54:53.0649 2780  IpFilterDriver - ok
22:54:53.0678 2780  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:54:53.0737 2780  iphlpsvc - ok
22:54:53.0755 2780  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
22:54:53.0768 2780  IPMIDRV - ok
22:54:53.0780 2780  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
22:54:53.0829 2780  IPNAT - ok
22:54:53.0846 2780  [ 05360B1EA5A2ABF620D1D96EBD8BD8F1 ] irda            C:\Windows\system32\DRIVERS\irda.sys
22:54:53.0881 2780  irda - ok
22:54:53.0903 2780  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:54:53.0935 2780  IRENUM - ok
22:54:53.0964 2780  [ 3848384AB383F0A8F506C4370635C1F9 ] Irmon          C:\Windows\System32\irmon.dll
22:54:53.0998 2780  Irmon - ok
22:54:54.0038 2780  [ D2CA12736624BA636F8357DC3EF0757E ] irsir          C:\Windows\system32\DRIVERS\irsir.sys
22:54:54.0075 2780  irsir - ok
22:54:54.0085 2780  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:54:54.0096 2780  isapnp - ok
22:54:54.0125 2780  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:54:54.0140 2780  iScsiPrt - ok
22:54:54.0147 2780  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:54:54.0158 2780  kbdclass - ok
22:54:54.0184 2780  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:54:54.0210 2780  kbdhid - ok
22:54:54.0234 2780  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
22:54:54.0246 2780  KeyIso - ok
22:54:54.0274 2780  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:54:54.0287 2780  KSecDD - ok
22:54:54.0302 2780  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
22:54:54.0316 2780  KSecPkg - ok
22:54:54.0331 2780  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
22:54:54.0382 2780  ksthunk - ok
22:54:54.0418 2780  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
22:54:54.0472 2780  KtmRm - ok
22:54:54.0500 2780  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:54:54.0553 2780  LanmanServer - ok
22:54:54.0588 2780  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:54:54.0625 2780  LanmanWorkstation - ok
22:54:54.0650 2780  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:54:54.0701 2780  lltdio - ok
22:54:54.0738 2780  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
22:54:54.0795 2780  lltdsvc - ok
22:54:54.0819 2780  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
22:54:54.0873 2780  lmhosts - ok
22:54:54.0895 2780  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:54:54.0907 2780  LSI_FC - ok
22:54:54.0914 2780  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
22:54:54.0926 2780  LSI_SAS - ok
22:54:54.0942 2780  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:54:54.0954 2780  LSI_SAS2 - ok
22:54:54.0968 2780  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:54:54.0980 2780  LSI_SCSI - ok
22:54:55.0002 2780  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
22:54:55.0052 2780  luafv - ok
22:54:55.0097 2780  [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
22:54:55.0109 2780  MBAMProtector - ok
22:54:55.0135 2780  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMSchexxxxr  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamschexxxxr.exe
22:54:55.0151 2780  MBAMSchexxxxr - ok
22:54:55.0176 2780  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:54:55.0198 2780  MBAMService - ok
22:54:55.0209 2780  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
22:54:55.0239 2780  Mcx2Svc - ok
22:54:55.0295 2780  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM            C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
22:54:55.0317 2780  MDM ( UnsignedFile.Multi.Generic ) - warning
22:54:55.0317 2780  MDM - detected UnsignedFile.Multi.Generic (1)
22:54:55.0335 2780  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\drivers\megasas.sys
22:54:55.0347 2780  megasas - ok
22:54:55.0368 2780  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:54:55.0382 2780  MegaSR - ok
22:54:55.0419 2780  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
22:54:55.0431 2780  Microsoft Office Groove Audit Service - ok
22:54:55.0443 2780  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
22:54:55.0493 2780  MMCSS - ok
22:54:55.0511 2780  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
22:54:55.0546 2780  Modem - ok
22:54:55.0563 2780  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
22:54:55.0589 2780  monitor - ok
22:54:55.0610 2780  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:54:55.0621 2780  mouclass - ok
22:54:55.0633 2780  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
22:54:55.0663 2780  mouhid - ok
22:54:55.0686 2780  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:54:55.0698 2780  mountmgr - ok
22:54:55.0753 2780  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:54:55.0769 2780  MozillaMaintenance - ok
22:54:55.0779 2780  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:54:55.0793 2780  mpio - ok
22:54:55.0806 2780  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:54:55.0842 2780  mpsdrv - ok
22:54:55.0879 2780  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:54:55.0924 2780  MpsSvc - ok
22:54:55.0941 2780  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:54:55.0977 2780  MRxDAV - ok
22:54:56.0013 2780  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:54:56.0053 2780  mrxsmb - ok
22:54:56.0089 2780  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:54:56.0104 2780  mrxsmb10 - ok
22:54:56.0117 2780  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:54:56.0129 2780  mrxsmb20 - ok
22:54:56.0143 2780  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:54:56.0154 2780  msahci - ok
22:54:56.0161 2780  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
22:54:56.0173 2780  msdsm - ok
22:54:56.0186 2780  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
22:54:56.0202 2780  MSDTC - ok
22:54:56.0223 2780  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:54:56.0272 2780  Msfs - ok
22:54:56.0293 2780  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
22:54:56.0330 2780  mshidkmdf - ok
22:54:56.0347 2780  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:54:56.0358 2780  msisadrv - ok
22:54:56.0389 2780  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
22:54:56.0426 2780  MSiSCSI - ok
22:54:56.0432 2780  msiserver - ok
22:54:56.0457 2780  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
22:54:56.0505 2780  MSKSSRV - ok
22:54:56.0512 2780  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:54:56.0554 2780  MSPCLOCK - ok
22:54:56.0577 2780  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
22:54:56.0625 2780  MSPQM - ok
22:54:56.0655 2780  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
22:54:56.0673 2780  MsRPC - ok
22:54:56.0691 2780  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:54:56.0703 2780  mssmbios - ok
22:54:56.0712 2780  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
22:54:56.0764 2780  MSTEE - ok
22:54:56.0770 2780  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:54:56.0782 2780  MTConfig - ok
22:54:56.0801 2780  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
22:54:56.0813 2780  Mup - ok
22:54:56.0840 2780  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
22:54:56.0899 2780  napagent - ok
22:54:56.0920 2780  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
22:54:56.0953 2780  NativeWifiP - ok
22:54:56.0998 2780  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:54:57.0026 2780  NDIS - ok
22:54:57.0041 2780  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
22:54:57.0077 2780  NdisCap - ok
22:54:57.0094 2780  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:54:57.0129 2780  NdisTapi - ok
22:54:57.0135 2780  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
22:54:57.0168 2780  Ndisuio - ok
22:54:57.0184 2780  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
22:54:57.0236 2780  NdisWan - ok
22:54:57.0256 2780  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
22:54:57.0290 2780  NDProxy - ok
22:54:57.0299 2780  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
22:54:57.0348 2780  NetBIOS - ok
22:54:57.0372 2780  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
22:54:57.0408 2780  NetBT - ok
22:54:57.0414 2780  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:54:57.0426 2780  Netlogon - ok
22:54:57.0467 2780  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:54:57.0526 2780  Netman - ok
22:54:57.0558 2780  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:54:57.0612 2780  netprofm - ok
22:54:57.0641 2780  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:54:57.0653 2780  NetTcpPortSharing - ok
22:54:57.0669 2780  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
22:54:57.0681 2780  nfrd960 - ok
22:54:57.0701 2780  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:54:57.0753 2780  NlaSvc - ok
22:54:57.0813 2780  [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd          C:\Windows\system32\drivers\ccdcmbx64.sys
22:54:57.0858 2780  nmwcd - ok
22:54:57.0878 2780  [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
22:54:57.0917 2780  nmwcdc - ok
22:54:57.0925 2780  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:54:57.0960 2780  Npfs - ok
22:54:57.0967 2780  npggsvc - ok
22:54:57.0974 2780  NPPTNT2 - ok
22:54:58.0013 2780  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
22:54:58.0049 2780  nsi - ok
22:54:58.0054 2780  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:54:58.0102 2780  nsiproxy - ok
22:54:58.0152 2780  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:54:58.0194 2780  Ntfs - ok
22:54:58.0207 2780  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:54:58.0259 2780  Null - ok
22:54:58.0291 2780  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:54:58.0303 2780  nvraid - ok
22:54:58.0327 2780  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:54:58.0340 2780  nvstor - ok
22:54:58.0359 2780  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:54:58.0371 2780  nv_agp - ok
22:54:58.0420 2780  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:54:58.0439 2780  odserv - ok
22:54:58.0452 2780  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:54:58.0480 2780  ohci1394 - ok
22:54:58.0533 2780  [ 5A432A042DAE460ABE7199B758E8606C ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:54:58.0545 2780  ose - ok
22:54:58.0580 2780  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:54:58.0611 2780  p2pimsvc - ok
22:54:58.0638 2780  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:54:58.0657 2780  p2psvc - ok
22:54:58.0676 2780  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
22:54:58.0709 2780  Parport - ok
22:54:58.0741 2780  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
22:54:58.0753 2780  partmgr - ok
22:54:58.0805 2780  [ A1E779A0CF7A21B42E8FD3E8856D8481 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
22:54:58.0824 2780  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
22:54:58.0825 2780  PassThru Service - detected UnsignedFile.Multi.Generic (1)
22:54:58.0849 2780  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:54:58.0888 2780  PcaSvc - ok
22:54:58.0931 2780  [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
22:54:58.0942 2780  pccsmcfd - ok
22:54:58.0964 2780  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
22:54:58.0978 2780  pci - ok
22:54:58.0994 2780  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:54:59.0005 2780  pciide - ok
22:54:59.0018 2780  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:54:59.0031 2780  pcmcia - ok
22:54:59.0047 2780  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
22:54:59.0059 2780  pcw - ok
22:54:59.0082 2780  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:54:59.0125 2780  PEAUTH - ok
22:54:59.0157 2780  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
22:54:59.0208 2780  PeerDistSvc - ok
22:54:59.0262 2780  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:54:59.0276 2780  PerfHost - ok
22:54:59.0337 2780  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
22:54:59.0410 2780  pla - ok
22:54:59.0465 2780  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:54:59.0483 2780  PlugPlay - ok
22:54:59.0500 2780  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
22:54:59.0526 2780  PNRPAutoReg - ok
22:54:59.0535 2780  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
22:54:59.0551 2780  PNRPsvc - ok
22:54:59.0590 2780  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
22:54:59.0648 2780  PolicyAgent - ok
22:54:59.0682 2780  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
22:54:59.0742 2780  Power - ok
22:54:59.0780 2780  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:54:59.0834 2780  PptpMiniport - ok
22:54:59.0851 2780  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\drivers\processr.sys
22:54:59.0876 2780  Processor - ok
22:54:59.0910 2780  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
22:54:59.0943 2780  ProfSvc - ok
22:54:59.0963 2780  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:54:59.0974 2780  ProtectedStorage - ok
22:54:59.0991 2780  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:55:00.0040 2780  Psched - ok
22:55:00.0087 2780  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:55:00.0125 2780  ql2300 - ok
22:55:00.0139 2780  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:55:00.0151 2780  ql40xx - ok
22:55:00.0178 2780  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
22:55:00.0200 2780  QWAVE - ok
22:55:00.0216 2780  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:55:00.0235 2780  QWAVEdrv - ok
22:55:00.0246 2780  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:55:00.0281 2780  RasAcd - ok
22:55:00.0307 2780  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
22:55:00.0342 2780  RasAgileVpn - ok
22:55:00.0348 2780  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
22:55:00.0405 2780  RasAuto - ok
22:55:00.0427 2780  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
22:55:00.0473 2780  Rasl2tp - ok
22:55:00.0501 2780  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:55:00.0541 2780  RasMan - ok
22:55:00.0558 2780  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:55:00.0607 2780  RasPppoe - ok
22:55:00.0626 2780  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
22:55:00.0662 2780  RasSstp - ok
22:55:00.0678 2780  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
22:55:00.0717 2780  rdbss - ok
22:55:00.0727 2780  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:55:00.0753 2780  rdpbus - ok
22:55:00.0772 2780  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:55:00.0807 2780  RDPCDD - ok
22:55:00.0825 2780  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
22:55:00.0837 2780  RDPDR - ok
22:55:00.0928 2780  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:55:00.0992 2780  RDPENCDD - ok
22:55:01.0015 2780  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:55:01.0049 2780  RDPREFMP - ok
22:55:01.0072 2780  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:55:01.0095 2780  RdpVideoMiniport - ok
22:55:01.0129 2780  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
22:55:01.0142 2780  RDPWD - ok
22:55:01.0161 2780  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:55:01.0175 2780  rdyboost - ok
22:55:01.0201 2780  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:55:01.0255 2780  RemoteAccess - ok
22:55:01.0287 2780  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:55:01.0338 2780  RemoteRegistry - ok
22:55:01.0365 2780  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:55:01.0415 2780  RpcEptMapper - ok
22:55:01.0432 2780  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:55:01.0446 2780  RpcLocator - ok
22:55:01.0468 2780  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
22:55:01.0507 2780  RpcSs - ok
22:55:01.0525 2780  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:55:01.0560 2780  rspndr - ok
22:55:01.0588 2780  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
22:55:01.0602 2780  RTL8167 - ok
22:55:01.0631 2780  [ E60C0A09F997826C7627B244195AB581 ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
22:55:01.0656 2780  s3cap - ok
22:55:01.0677 2780  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
22:55:01.0688 2780  SamSs - ok
22:55:01.0703 2780  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:55:01.0714 2780  sbp2port - ok
22:55:01.0742 2780  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:55:01.0782 2780  SCardSvr - ok
22:55:01.0788 2780  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:55:01.0838 2780  scfilter - ok
22:55:01.0870 2780  [ 262F6592C3299C005FD6BEC90FC4463A ] Schexxxx        C:\Windows\system32\schedsvc.dll
22:55:01.0917 2780  Schexxxx - ok
22:55:01.0938 2780  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
22:55:01.0971 2780  SCPolicySvc - ok
22:55:01.0994 2780  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:55:02.0021 2780  SDRSVC - ok
22:55:02.0042 2780  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:55:02.0077 2780  secdrv - ok
22:55:02.0090 2780  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:55:02.0125 2780  seclogon - ok
22:55:02.0137 2780  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:55:02.0191 2780  SENS - ok
22:55:02.0213 2780  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:55:02.0238 2780  SensrSvc - ok
22:55:02.0268 2780  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
22:55:02.0296 2780  Serenum - ok
22:55:02.0318 2780  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:55:02.0352 2780  Serial - ok
22:55:02.0373 2780  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:55:02.0397 2780  sermouse - ok
22:55:02.0491 2780  [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
22:55:02.0510 2780  ServiceLayer - ok
22:55:02.0536 2780  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:55:02.0588 2780  SessionEnv - ok
22:55:02.0605 2780  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
22:55:02.0620 2780  sffdisk - ok
22:55:02.0636 2780  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:55:02.0663 2780  sffp_mmc - ok
22:55:02.0686 2780  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
22:55:02.0718 2780  sffp_sd - ok
22:55:02.0734 2780  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
22:55:02.0762 2780  sfloppy - ok
22:55:02.0796 2780  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:55:02.0855 2780  SharedAccess - ok
22:55:02.0879 2780  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:55:02.0918 2780  ShellHWDetection - ok
22:55:02.0928 2780  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:55:02.0940 2780  SiSRaid2 - ok
22:55:02.0946 2780  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:55:02.0958 2780  SiSRaid4 - ok
22:55:02.0966 2780  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
22:55:03.0020 2780  Smb - ok
22:55:03.0065 2780  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:55:03.0097 2780  SNMPTRAP - ok
22:55:03.0119 2780  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
22:55:03.0129 2780  spldr - ok
22:55:03.0160 2780  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
22:55:03.0179 2780  Spooler - ok
22:55:03.0234 2780  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:55:03.0321 2780  sppsvc - ok
22:55:03.0347 2780  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
22:55:03.0384 2780  sppuinotify - ok
22:55:03.0417 2780  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
22:55:03.0444 2780  srv - ok
22:55:03.0467 2780  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:55:03.0499 2780  srv2 - ok
22:55:03.0527 2780  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:55:03.0541 2780  srvnet - ok
22:55:03.0565 2780  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
22:55:03.0603 2780  SSDPSRV - ok
22:55:03.0619 2780  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
22:55:03.0655 2780  SstpSvc - ok
22:55:03.0668 2780  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:55:03.0679 2780  stexstor - ok
22:55:03.0711 2780  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:55:03.0751 2780  stisvc - ok
22:55:03.0781 2780  [ 7785DC213270D2FC066538DAF94087E7 ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
22:55:03.0793 2780  storflt - ok
22:55:03.0810 2780  [ C40841817EF57D491F22EB103DA587CC ] StorSvc        C:\Windows\system32\storsvc.dll
22:55:03.0823 2780  StorSvc - ok
22:55:03.0849 2780  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc        C:\Windows\system32\drivers\storvsc.sys
22:55:03.0860 2780  storvsc - ok
22:55:03.0875 2780  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:55:03.0885 2780  swenum - ok
22:55:03.0979 2780  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard    C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:55:04.0009 2780  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
22:55:04.0009 2780  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
22:55:04.0041 2780  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
22:55:04.0105 2780  swprv - ok
22:55:04.0130 2780  [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
22:55:04.0143 2780  Synth3dVsc - ok
22:55:04.0178 2780  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
22:55:04.0232 2780  SysMain - ok
22:55:04.0260 2780  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:55:04.0296 2780  TabletInputService - ok
22:55:04.0322 2780  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
22:55:04.0379 2780  TapiSrv - ok
22:55:04.0405 2780  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
22:55:04.0441 2780  TBS - ok
22:55:04.0484 2780  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
22:55:04.0531 2780  Tcpip - ok
22:55:04.0561 2780  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:55:04.0600 2780  TCPIP6 - ok
22:55:04.0615 2780  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:55:04.0648 2780  tcpipreg - ok
22:55:04.0663 2780  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:55:04.0684 2780  TDPIPE - ok
22:55:04.0716 2780  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
22:55:04.0745 2780  TDTCP - ok
22:55:04.0773 2780  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
22:55:04.0809 2780  tdx - ok
22:55:04.0820 2780  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:55:04.0832 2780  TermDD - ok
22:55:04.0848 2780  [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
22:55:04.0877 2780  terminpt - ok
22:55:04.0915 2780  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
22:55:04.0973 2780  TermService - ok
22:55:05.0002 2780  [ 9201BE2BAB8A9FF8E20D8439AE3BB04D ] Themes          C:\Windows\system32\themeservice.dll
22:55:05.0008 2780  Themes ( UnsignedFile.Multi.Generic ) - warning
22:55:05.0008 2780  Themes - detected UnsignedFile.Multi.Generic (1)
22:55:05.0022 2780  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
22:55:05.0058 2780  THREADORDER - ok
22:55:05.0071 2780  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:55:05.0122 2780  TrkWks - ok
22:55:05.0168 2780  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:55:05.0225 2780  TrustedInstaller - ok
22:55:05.0248 2780  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:55:05.0298 2780  tssecsrv - ok
22:55:05.0321 2780  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:55:05.0332 2780  TsUsbFlt - ok
22:55:05.0337 2780  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
22:55:05.0365 2780  TsUsbGD - ok
22:55:05.0392 2780  [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
22:55:05.0420 2780  tsusbhub - ok
22:55:05.0454 2780  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:55:05.0500 2780  tunnel - ok
22:55:05.0584 2780  [ E0A9B5B92097211A57FD16D27F2B3750 ] TVersityMediaServer C:\ProgramData\TVersity\Media Server\MediaServer.exe
22:55:05.0600 2780  TVersityMediaServer ( UnsignedFile.Multi.Generic ) - warning
22:55:05.0600 2780  TVersityMediaServer - detected UnsignedFile.Multi.Generic (1)
22:55:05.0616 2780  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:55:05.0627 2780  uagp35 - ok
22:55:05.0647 2780  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:55:05.0703 2780  udfs - ok
22:55:05.0733 2780  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
22:55:05.0747 2780  UI0Detect - ok
22:55:05.0761 2780  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:55:05.0774 2780  uliagpkx - ok
22:55:05.0799 2780  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
22:55:05.0828 2780  umbus - ok
22:55:05.0833 2780  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:55:05.0853 2780  UmPass - ok
22:55:05.0875 2780  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
22:55:05.0906 2780  UmRdpService - ok
22:55:05.0933 2780  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:55:05.0988 2780  upnphost - ok
22:55:06.0043 2780  [ 34AFB83C7BBA370E404E52CC2290350C ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
22:55:06.0085 2780  upperdev - ok
22:55:06.0119 2780  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
22:55:06.0130 2780  usbccgp - ok
22:55:06.0147 2780  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:55:06.0163 2780  usbcir - ok
22:55:06.0186 2780  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
22:55:06.0212 2780  usbehci - ok
22:55:06.0236 2780  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:55:06.0264 2780  usbhub - ok
22:55:06.0289 2780  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
22:55:06.0316 2780  usbohci - ok
22:55:06.0333 2780  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
22:55:06.0366 2780  usbprint - ok
22:55:06.0406 2780  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\drivers\usbser.sys
22:55:06.0416 2780  usbser - ok
22:55:06.0429 2780  [ AA75E1EFBEE7186B4CBAAACF1F15E6CA ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
22:55:06.0466 2780  UsbserFilt - ok
22:55:06.0487 2780  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:55:06.0515 2780  USBSTOR - ok
22:55:06.0544 2780  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
22:55:06.0573 2780  usbuhci - ok
22:55:06.0594 2780  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
22:55:06.0630 2780  UxSms - ok
22:55:06.0635 2780  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:55:06.0647 2780  VaultSvc - ok
22:55:06.0671 2780  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:55:06.0682 2780  vdrvroot - ok
22:55:06.0714 2780  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
22:55:06.0768 2780  vds - ok
22:55:06.0791 2780  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
22:55:06.0804 2780  vga - ok
22:55:06.0823 2780  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
22:55:06.0858 2780  VgaSave - ok
22:55:06.0863 2780  VGPU - ok
22:55:06.0872 2780  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
22:55:06.0885 2780  vhdmp - ok
22:55:06.0896 2780  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:55:06.0907 2780  viaide - ok
22:55:06.0925 2780  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus          C:\Windows\system32\drivers\vmbus.sys
22:55:06.0939 2780  vmbus - ok
22:55:06.0949 2780  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:55:06.0960 2780  VMBusHID - ok
22:55:06.0971 2780  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:55:06.0984 2780  volmgr - ok
22:55:06.0994 2780  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
22:55:07.0011 2780  volmgrx - ok
22:55:07.0031 2780  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
22:55:07.0047 2780  volsnap - ok
22:55:07.0096 2780  [ F937E203D6F18FAD36B68D92DF02775D ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
22:55:07.0115 2780  vpnagent - ok
22:55:07.0146 2780  [ 845DAE50510383B7F6ACA73CE2099048 ] vpnva          C:\Windows\system32\DRIVERS\vpnva64.sys
22:55:07.0156 2780  vpnva - ok
22:55:07.0175 2780  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
22:55:07.0189 2780  vsmraid - ok
22:55:07.0223 2780  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
22:55:07.0300 2780  VSS - ok
22:55:07.0324 2780  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:55:07.0374 2780  vwifibus - ok
22:55:07.0402 2780  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
22:55:07.0444 2780  W32Time - ok
22:55:07.0460 2780  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:55:07.0490 2780  WacomPen - ok
22:55:07.0536 2780  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:55:07.0584 2780  WANARP - ok
22:55:07.0588 2780  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:55:07.0623 2780  Wanarpv6 - ok
22:55:07.0665 2780  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:55:07.0712 2780  wbengine - ok
22:55:07.0733 2780  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:55:07.0754 2780  WbioSrvc - ok
22:55:07.0773 2780  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
22:55:07.0815 2780  wcncsvc - ok
22:55:07.0837 2780  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:55:07.0865 2780  WcsPlugInService - ok
22:55:07.0886 2780  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
22:55:07.0897 2780  Wd - ok
22:55:07.0922 2780  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:55:07.0946 2780  Wdf01000 - ok
22:55:07.0955 2780  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:55:07.0986 2780  WdiServiceHost - ok
22:55:07.0990 2780  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
22:55:08.0008 2780  WdiSystemHost - ok
22:55:08.0035 2780  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
22:55:08.0069 2780  WebClient - ok
22:55:08.0099 2780  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:55:08.0153 2780  Wecsvc - ok
22:55:08.0171 2780  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
22:55:08.0208 2780  wercplsupport - ok
22:55:08.0223 2780  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:55:08.0261 2780  WerSvc - ok
22:55:08.0269 2780  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:55:08.0305 2780  WfpLwf - ok
22:55:08.0319 2780  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:55:08.0330 2780  WIMMount - ok
22:55:08.0338 2780  WinDefend - ok
22:55:08.0344 2780  WinHttpAutoProxySvc - ok
22:55:08.0386 2780  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
22:55:08.0423 2780  Winmgmt - ok
22:55:08.0474 2780  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
22:55:08.0540 2780  WinRM - ok
22:55:08.0583 2780  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:55:08.0611 2780  WinUsb - ok
22:55:08.0641 2780  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
22:55:08.0690 2780  Wlansvc - ok
22:55:08.0695 2780  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
22:55:08.0708 2780  WmiAcpi - ok
22:55:08.0733 2780  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:55:08.0760 2780  wmiApSrv - ok
22:55:08.0779 2780  WMPNetworkSvc - ok
22:55:08.0793 2780  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:55:08.0806 2780  WPCSvc - ok
22:55:08.0823 2780  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:55:08.0837 2780  WPDBusEnum - ok
22:55:08.0855 2780  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
22:55:08.0889 2780  ws2ifsl - ok
22:55:08.0907 2780  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
22:55:08.0942 2780  wscsvc - ok
22:55:08.0947 2780  WSearch - ok
22:55:09.0012 2780  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:55:09.0069 2780  wuauserv - ok
22:55:09.0085 2780  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:55:09.0131 2780  WudfPf - ok
22:55:09.0164 2780  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:55:09.0199 2780  WUDFRd - ok
22:55:09.0214 2780  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
22:55:09.0250 2780  wudfsvc - ok
22:55:09.0271 2780  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
22:55:09.0325 2780  WwanSvc - ok
22:55:09.0354 2780  ================ Scan global ===============================
22:55:09.0372 2780  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:55:09.0402 2780  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:55:09.0410 2780  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:55:09.0437 2780  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:55:09.0465 2780  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:55:09.0469 2780  [Global] - ok
22:55:09.0470 2780  ================ Scan MBR ==================================
22:55:09.0479 2780  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:55:09.0657 2780  \Device\Harddisk1\DR1 - ok
22:55:09.0660 2780  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
22:55:10.0190 2780  \Device\Harddisk2\DR2 - ok
22:55:10.0195 2780  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
22:55:10.0422 2780  \Device\Harddisk0\DR0 - ok
22:55:10.0422 2780  ================ Scan VBR ==================================
22:55:10.0426 2780  [ 3082C73CCBE518F8C79EAADC42D5C0C0 ] \Device\Harddisk1\DR1\Partition1
22:55:10.0427 2780  \Device\Harddisk1\DR1\Partition1 - ok
22:55:10.0433 2780  [ 4F17A4348A96917D15879A4D63189F44 ] \Device\Harddisk2\DR2\Partition1
22:55:10.0434 2780  \Device\Harddisk2\DR2\Partition1 - ok
22:55:10.0438 2780  [ 002DDE7726B5153C196ECC137D519AEE ] \Device\Harddisk2\DR2\Partition2
22:55:10.0440 2780  \Device\Harddisk2\DR2\Partition2 - ok
22:55:10.0444 2780  [ 2F24275FA0946FB950CF73B4D8804017 ] \Device\Harddisk2\DR2\Partition3
22:55:10.0446 2780  \Device\Harddisk2\DR2\Partition3 - ok
22:55:10.0451 2780  [ 095D4BC4A9FB7503DE0A1D55893DA61D ] \Device\Harddisk0\DR0\Partition1
22:55:10.0452 2780  \Device\Harddisk0\DR0\Partition1 - ok
22:55:10.0457 2780  [ E6CB43444DE1F0E2AE71F850C010A52D ] \Device\Harddisk0\DR0\Partition2
22:55:10.0458 2780  \Device\Harddisk0\DR0\Partition2 - ok
22:55:10.0459 2780  ============================================================
22:55:10.0459 2780  Scan finished
22:55:10.0459 2780  ============================================================
22:55:10.0471 1176  Detected object count: 7
22:55:10.0471 1176  Actual detected object count: 7
22:55:31.0480 1176  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:55:31.0480 1176  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
22:55:31.0482 1176  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:31.0482 1176  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:31.0484 1176  MDM ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:31.0484 1176  MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:31.0486 1176  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:31.0486 1176  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:31.0489 1176  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:31.0489 1176  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:31.0491 1176  Themes ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:31.0491 1176  Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:31.0494 1176  TVersityMediaServer ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:31.0494 1176  TVersityMediaServer ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 04.10.2012 09:43
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

buergi 05.10.2012 21:08
Hallo!

Hier ist das Logfile nach CombiFix:

Combofix Logfile:
Code:
ComboFix 12-10-04.02 - xxxx 05.10.2012  21:42:28.1.2 - x64
Microsoft Windows 7 Enterprise  6.1.7601.1.1252.49.1031.18.3327.2135 [GMT 2:00]
ausgeführt von:: c:\users\xxxx\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-09-05 bis 2012-10-05  ))))))))))))))))))))))))))))))
.
.
2012-10-05 19:51 . 2012-10-05 19:51        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-10-03 12:31 . 2012-10-03 12:31        --------        d-----w-        c:\program files (x86)\Unified Remote
2012-10-03 09:19 . 2012-10-03 09:19        --------        d-----w-        C:\_OTL
2012-09-30 20:05 . 2001-03-23 14:29        880912        ----a-w-        c:\windows\WM8EUTIL.exe
2012-09-26 17:17 . 2012-08-21 21:01        245760        ----a-w-        c:\windows\system32\OxpsConverter.exe
2012-09-25 16:11 . 2012-09-25 16:11        --------        d-----w-        c:\program files (x86)\ESET
2012-09-24 16:24 . 2012-09-24 16:24        --------        d-----w-        c:\program files (x86)\Common Files\Java
2012-09-24 16:22 . 2012-09-24 16:22        95208        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-24 16:22 . 2012-09-24 16:22        --------        d-----w-        c:\program files (x86)\Java
2012-09-23 11:42 . 2012-09-23 11:42        --------        d-----w-        c:\users\xxxx\AppData\Roaming\Malwarebytes
2012-09-23 11:41 . 2012-09-23 11:41        --------        d-----w-        c:\programdata\Malwarebytes
2012-09-23 11:41 . 2012-09-23 11:41        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-23 11:41 . 2012-09-07 15:04        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-09-14 17:45 . 2012-09-14 17:45        --------        d-----w-        c:\users\xxxx\AppData\Local\roomeon
2012-09-14 17:45 . 2012-09-14 17:45        --------        d-----w-        c:\program files (x86)\roomeon GmbH
2012-09-12 16:01 . 2012-08-22 18:12        950128        ----a-w-        c:\windows\system32\drivers\ndis.sys
2012-09-12 16:01 . 2012-07-04 20:26        41472        ----a-w-        c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 16:01 . 2012-08-02 17:58        574464        ----a-w-        c:\windows\system32\d3d10level9.dll
2012-09-12 16:01 . 2012-08-02 16:57        490496        ----a-w-        c:\windows\SysWow64\d3d10level9.dll
2012-09-12 16:01 . 2012-08-22 18:12        1913200        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2012-09-12 16:01 . 2012-08-22 18:12        376688        ----a-w-        c:\windows\system32\drivers\netio.sys
2012-09-12 16:01 . 2012-08-22 18:12        288624        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-24 16:22 . 2012-06-09 11:57        821736        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll
2012-09-24 16:22 . 2012-06-09 11:57        746984        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2012-09-12 22:17 . 2012-05-13 17:21        64462936        ----a-w-        c:\windows\system32\MRT.exe
2012-07-18 18:15 . 2012-08-15 16:41        3148800        ----a-w-        c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"phonostarTimer"="c:\program files (x86)\phonostar-Player\phonostarTimer.exe" [2011-06-20 40960]
"Akamai NetSession Interface"="c:\users\xxxx\AppData\Local\Akamai\netsession_win.exe" [2012-08-10 4440896]
"Unified Remote v2"="c:\program files (x86)\Unified Remote\RemoteServer.exe" [2012-09-14 280672]
"Spotify Web Helper"="c:\users\xxxx\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-23 1193176]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-05-16 1084840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2011-09-09 523216]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-14 348664]
"LexwareInfoService"="c:\program files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2010-09-15 339312]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\xxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-9-18 102912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 dump_wmimmc;dump_wmimmc;c:\spiele\AeriaGames\WolfTeam-DE\GameGuard\dump_wmimmc.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-01 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-15 27760]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 AntiVirSchexxxxrService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 MBAMSchexxxxr;MBAMSchexxxxr;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamschexxxxr.exe [2012-09-07 399432]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-03-31 80896]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2011-09-09 475088]
S3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys [2011-09-09 106408]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai        REG_MULTI_SZ          Akamai
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.

------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.hiergehtslos.de
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
FF - ProfilePath - c:\users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\uhewijt8.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2355f339-4f19-11e1-ba1f-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{281d84ca-d6e0-11e0-8e36-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3787ee3c-1e82-11e1-b51a-806e6f6e6963}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38097c84-4a64-11e1-9f46-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39d142ca-deea-11e0-87ed-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43ee8966-9ead-11e1-8540-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43ee896c-9ead-11e1-8540-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43ee898d-9ead-11e1-8540-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43ee8994-9ead-11e1-8540-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43ee8999-9ead-11e1-8540-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58fc216b-8a07-11e0-b987-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6dfa3e2e-6aa8-11e0-ab78-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6dfa3e30-6aa8-11e0-ab78-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6eeef941-9d78-11e0-9f0d-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7fed289f-b3a2-11e0-a98b-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ba7dec2-6c33-11e0-94cf-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ba7defb-6c33-11e0-94cf-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8db05cac-6870-11e0-b5f1-806e6f6e6963}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8db05caf-6870-11e0-b5f1-806e6f6e6963}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8deb6cf6-5a14-11e1-9b0e-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{985a43c8-3ce0-11e1-86e2-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ca72bb1-bcd3-11e0-851a-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a16bfb40-68ce-11e0-8990-806e6f6e6963}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a16bfb41-68ce-11e0-8990-806e6f6e6963}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a16bfb42-68ce-11e0-8990-806e6f6e6963}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a16bfb43-68ce-11e0-8990-806e6f6e6963}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a16bfb44-68ce-11e0-8990-806e6f6e6963}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a16bfe32-68ce-11e0-8990-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a16bfe3f-68ce-11e0-8990-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a248b4ac-7a27-11e1-8172-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1efb7c5-c582-11e0-8e43-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1198fc0-72f7-11e0-be5c-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d01ccce6-49a0-11e1-9b78-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d205c912-a6cb-11e0-aed1-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e797e68a-e220-11e0-91ab-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6fb810a-bf32-11e0-a585-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-3520745990-2397459756-1707785564-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6fb82e7-bf32-11e0-a585-002522896cc3}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\OldTimer Tools\OTL\Files]
@DACL=(02 0000)
"c:\\Users\\xxxx\\AppData\\LocalLow\\Sun\\Java\\Deployment\\cache\\6.0"=""
"c:\\Users\\xxxx\\AppData\\LocalLow\\Sun\\Java\\Deployment\\cache"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\plugins"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\patches"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\tr\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\tr\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\tr\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\tr"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ro\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ro\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ro\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ro"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\nl\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\nl\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\nl\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\nl"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ja\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ja\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ja\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ja"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\it\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\it\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\it\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\it"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\fr\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\fr\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\fr\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\fr"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\es\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\es\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\es\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\es"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\el\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\el\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\el\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\el"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\de\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\de\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\de\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\de"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ca\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ca\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ca\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ca"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\bg\\LC_MESSAGES\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\bg\\LC_MESSAGES"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\bg\\CVS"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\bg"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Docs"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6"=""
"g:\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\plugins"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\patches"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\tr\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\tr\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\tr\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\tr"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ro\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ro\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ro\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ro"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\nl\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\nl\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\nl\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\nl"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ja\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ja\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ja\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ja"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\it\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\it\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\it\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\it"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\fr\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\fr\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\fr\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\fr"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\es\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\es\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\es\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\es"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\el\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\el\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\el\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\el"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\de\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\de\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\de\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\de"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ca\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ca\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ca\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\ca"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\bg\\LC_MESSAGES\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\bg\\LC_MESSAGES"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\bg\\CVS"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs\\bg"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Langs"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6\\Docs"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC\\pcsx2_0.6"=""
"i:\\backup_E\\zock\\old_school_emulatoren\\PS2.Emulator.For.PC"=""
"c:\\Users\\xxxx\\AppData\\Local\\Temp\\FXSAPIDebugLogFile.txt"=""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-10-05  21:56:16
ComboFix-quarantined-files.txt  2012-10-05 19:56
.
Vor Suchlauf: 11 Verzeichnis(se), 907.307.212.800 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 907.171.930.112 Bytes frei
.
- - End Of File - - E59476299F9F5E30C10019524B84A3A4
--- --- ---

cosinus 07.10.2012 04:54
Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:34 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131