| |
| |||||||
Log-Analyse und Auswertung: TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehrWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
04.06.2012, 03:18
| #1 |
 |  TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Hallo, Beim unvorsichtigen Browsen habe ich mir zwei Mal den Trojaner TR.Crypt.ZPACK.Gen8 eingefangen. 1.Meldung von Avira Antivirus Echtzeitscanner: "In der Datei 'C:\Users\Nutzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VXSKODST\sex_with_dog_03.avi[1].exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen8' [trojan] gefunden. Ausgeführte Aktion: Übergeben an Scannerer von Avira Antivirus". 2.Meldung von Avira Antivirus Echtzeitscanner: "In der Datei 'C:\Users\Nutzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KJJJMQ1S\dog_fucking_girl.avi[1].exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen8' [trojan] gefunden. Ausgeführte Aktion: Übergeben an Scanner". Der Systemscanner meldete zwei Mal "Durchgeführte Aktion(en): Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26003 (bzw. 26004). Die Datei konnte nicht gelöscht werden! Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen. Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden! Die Datei konnte nicht gelöscht werden!" Beide Dateien befinden sich jedoch in Quarantäne. Eine Reportdatei ist leider nicht mehr abrufbar. Ein anschließender vollständiger Systemscan mit Avira Antivirus ergab 45 Warnungen, jedoch keinen Fund. Als nächstes führte ich sowohl einen vollständigen als auch einen Quick Scan mit Malwarebytes Anti-Malware durch. Ergebnis: Kein Fund. Bitdefender Online Scanner fand auch nichts. Schließlich scannte ich mit ESET Online Scanner und hatte dummerweise versäumt, das Häkchen bei Remove Found Threats zu entfernen. ESET hatte beim ersten Scan 3 infizierte Dateien gefunden und natürlich gelöscht. Der erneute Scan mit ESET ergab keine infizierten Befunde. Ich habe den Eindruck, dass mein PC dennoch infiziert ist: Bei einem Neustart fing eine Routinemeldung von Avira oberhalb der Taskleiste an zu vibrieren. Und bei einer Browsersitzung im IE erschien für ein paar Sekunden ein schwarzer Balken am oberen Bildschirmrand, der die Menuleiste überlagerte. Avira Antivirus Logfile vom 2.Juni: Avira Antivirus Premium 2012 Erstellungsdatum der Reportdatei: Samstag, 2. Juni 2012 19:18 Es wird nach 3783904 Virenstämmen gesucht. Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Plattform : Windows 7 Home Premium Windowsversion : (Service Pack 1) [6.1.7601] Boot Modus : Normal gebootet Versionsinformationen: BUILD.DAT : 12.0.0.1142 42650 Bytes 15.05.2012 13:22:00 AVSCAN.EXE : 12.3.0.15 466896 Bytes 14.05.2012 13:30:52 AVSCAN.DLL : 12.3.0.15 66256 Bytes 14.05.2012 13:30:52 LUKE.DLL : 12.3.0.15 68304 Bytes 14.05.2012 13:30:56 AVSCPLR.DLL : 12.3.0.14 97032 Bytes 08.05.2012 12:13:07 AVREG.DLL : 12.3.0.17 232200 Bytes 10.05.2012 15:01:26 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 12:07:01 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 12:07:59 VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 12:09:24 VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 12:09:43 VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 12:10:03 VBASE005.VDF : 7.11.29.136 2166272 Bytes 10.05.2012 11:01:34 VBASE006.VDF : 7.11.29.137 2048 Bytes 10.05.2012 11:01:34 VBASE007.VDF : 7.11.29.138 2048 Bytes 10.05.2012 11:01:34 VBASE008.VDF : 7.11.29.139 2048 Bytes 10.05.2012 11:01:34 VBASE009.VDF : 7.11.29.140 2048 Bytes 10.05.2012 11:01:34 VBASE010.VDF : 7.11.29.141 2048 Bytes 10.05.2012 11:01:34 VBASE011.VDF : 7.11.29.142 2048 Bytes 10.05.2012 11:01:34 VBASE012.VDF : 7.11.29.143 2048 Bytes 10.05.2012 11:01:34 VBASE013.VDF : 7.11.29.144 2048 Bytes 10.05.2012 11:01:34 VBASE014.VDF : 7.11.30.3 198144 Bytes 14.05.2012 13:30:51 VBASE015.VDF : 7.11.30.69 186368 Bytes 17.05.2012 09:29:43 VBASE016.VDF : 7.11.30.143 223744 Bytes 21.05.2012 17:12:46 VBASE017.VDF : 7.11.30.207 287744 Bytes 23.05.2012 07:38:58 VBASE018.VDF : 7.11.31.57 188416 Bytes 28.05.2012 17:07:43 VBASE019.VDF : 7.11.31.111 214528 Bytes 30.05.2012 13:19:09 VBASE020.VDF : 7.11.31.151 116736 Bytes 31.05.2012 18:10:19 VBASE021.VDF : 7.11.31.152 2048 Bytes 31.05.2012 18:10:19 VBASE022.VDF : 7.11.31.153 2048 Bytes 31.05.2012 18:10:19 VBASE023.VDF : 7.11.31.154 2048 Bytes 31.05.2012 18:10:19 VBASE024.VDF : 7.11.31.155 2048 Bytes 31.05.2012 18:10:19 VBASE025.VDF : 7.11.31.156 2048 Bytes 31.05.2012 18:10:19 VBASE026.VDF : 7.11.31.157 2048 Bytes 31.05.2012 18:10:20 VBASE027.VDF : 7.11.31.158 2048 Bytes 31.05.2012 18:10:20 VBASE028.VDF : 7.11.31.159 2048 Bytes 31.05.2012 18:10:20 VBASE029.VDF : 7.11.31.160 2048 Bytes 31.05.2012 18:10:20 VBASE030.VDF : 7.11.31.161 2048 Bytes 31.05.2012 18:10:20 VBASE031.VDF : 7.11.31.198 102912 Bytes 02.06.2012 14:40:35 Engineversion : 8.2.10.80 AEVDF.DLL : 8.1.2.8 106867 Bytes 01.06.2012 16:49:58 AESCRIPT.DLL : 8.1.4.24 450939 Bytes 31.05.2012 16:10:28 AESCN.DLL : 8.1.8.2 131444 Bytes 08.05.2012 12:10:36 AESBX.DLL : 8.2.5.10 606580 Bytes 29.05.2012 22:00:57 AERDL.DLL : 8.1.9.15 639348 Bytes 08.05.2012 12:10:36 AEPACK.DLL : 8.2.16.16 807288 Bytes 29.05.2012 22:00:55 AEOFFICE.DLL : 8.1.2.28 201082 Bytes 08.05.2012 12:10:32 AEHEUR.DLL : 8.1.4.36 4874615 Bytes 31.05.2012 16:10:27 AEHELP.DLL : 8.1.21.0 254326 Bytes 10.05.2012 19:01:25 AEGEN.DLL : 8.1.5.28 422260 Bytes 08.05.2012 12:10:22 AEEXP.DLL : 8.1.0.44 82293 Bytes 29.05.2012 22:00:57 AEEMU.DLL : 8.1.3.0 393589 Bytes 08.05.2012 12:10:21 AECORE.DLL : 8.1.25.10 201080 Bytes 31.05.2012 16:10:19 AEBB.DLL : 8.1.1.0 53618 Bytes 08.05.2012 12:10:20 AVWINLL.DLL : 12.3.0.15 27344 Bytes 14.05.2012 13:30:50 AVPREF.DLL : 12.3.0.15 51920 Bytes 14.05.2012 13:30:52 AVREP.DLL : 12.3.0.15 179208 Bytes 08.05.2012 12:13:07 AVARKT.DLL : 12.3.0.15 211408 Bytes 14.05.2012 13:30:51 AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 14.05.2012 13:30:52 SQLITE3.DLL : 3.7.0.1 398288 Bytes 14.05.2012 13:30:57 AVSMTP.DLL : 12.3.0.15 63952 Bytes 14.05.2012 13:30:53 NETNT.DLL : 12.3.0.15 17104 Bytes 14.05.2012 13:30:56 RCIMAGE.DLL : 12.3.0.15 4491472 Bytes 14.05.2012 13:30:50 RCTEXT.DLL : 12.3.0.15 98512 Bytes 14.05.2012 13:30:50 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Lokale Laufwerke Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\alldrives.avp Protokollierung.......................: standard Primäre Aktion........................: interaktiv Sekundäre Aktion......................: ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, E:, D:, Durchsuche aktive Programme...........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: aus Integritätsprüfung von Systemdateien..: aus Datei Suchmodus.......................: Intelligente Dateiauswahl Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Beginn des Suchlaufs: Samstag, 2. Juni 2012 19:18 Der Suchlauf über die Masterbootsektoren wird begonnen: Masterbootsektor HD0 [INFO] Es wurde kein Virus gefunden! Masterbootsektor HD1 [INFO] Es wurde kein Virus gefunden! Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'C:\' [INFO] Es wurde kein Virus gefunden! Bootsektor 'E:\' [INFO] Es wurde kein Virus gefunden! Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'BluetoothHeadsetProxy.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'RunDll32.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'SHTtray.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'CNMNSUT.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'PMBVolumeWatcher.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'ISBMgr.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorIcon.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'ONENOTEM.EXE' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'VRLPHelper.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'ElbServer.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'AVWEBGRD.EXE' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'avmailc.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'VESMgrSub.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'DllHost.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'SOHCImp.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'VcmINSMgr.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'VcmIAlzMgr.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'VCFw.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'VESMgr.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'uCamMonitor.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'SOHDs.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'SOHDms.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'PsiService_2.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'PMBDeviceInfoProvider.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'IJPLMSVC.EXE' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'armsvc.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'ACService.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '2367' Dateien ). Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe [WARNUNG] Unerwartetes Dateiende erreicht Beginne mit der Suche in 'E:\' <My Book> E:\2012-02-09_E\Irregular\00003B26\finanzamtupdate.zip [WARNUNG] Unerwartetes Dateiende erreicht E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\Backups\VAIO\Backup Set 2011-08-14 222713\Backup Files 2011-08-14 222713\Backup files 24.zip [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\Backups\VAIO\Backup Set 2011-08-14 222713\Backup Files 2011-08-14 222713\Backup files 25.zip [WARNUNG] Unerwartetes Dateiende erreicht E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Java\jre6\lib\charsets.jar [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Java\jre6\lib\deploy.jar [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Java\jre6\lib\rt.jar [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Microsoft Office\Document Themes 14\Theme Effects\Apex.eftx [WARNUNG] Unerwartetes Dateiende erreicht E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Microsoft Office\Templates\1031\EssentialReport.dotx [WARNUNG] Unerwartetes Dateiende erreicht E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Microsoft Office\Templates\1031\ExecutiveNewsletter.dotx [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Microsoft Office\Templates\1031\OrielReport.Dotx [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Microsoft Office\Templates\1031\UrbanPhotoAlbum.potx [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Microsoft Office\Templates\1031\ONENOTE\14\Notebook Templates\Notebook03.onepkg [WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen. E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Nokia\Nokia Ovi Suite\Help\webhelp.jar [WARNUNG] Einige Dateien dieses Archives sind auf mehrere Teilarchive verteilt (multiple volume) E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\phonostar-Player\ps3_help.chm [WARNUNG] Die komprimierten Daten sind fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Sony\VAIO Creations\Click to Disc\ctd_en.chm [WARNUNG] Die komprimierten Daten sind fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Sony\VAIO Creations\Click to Disc\ctd_fr.chm [WARNUNG] Die komprimierten Daten sind fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Sony\VAIO Creations\Click to Disc\ctd_ja.chm [WARNUNG] Die Dekompressionstabelle ist fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\Help\vms.en.chm [WARNUNG] Die komprimierten Daten sind fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\Help\vms.es.chm [WARNUNG] Die komprimierten Daten sind fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\Help\vms.fr.chm [WARNUNG] Die komprimierten Daten sind fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\Help\vms.nl.chm [WARNUNG] Die komprimierten Daten sind fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\Help\vms.ru.chm [WARNUNG] Die komprimierten Daten sind fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Sony\VAIO Media plus\KOR\VMplus.chm [WARNUNG] Die komprimierten Daten sind fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Windows Live\Messenger\scenex.mct [WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen. E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\Windows Live\Messenger\usertiles.mct [WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen. E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\WISO\Sparbuch 2010\updates\s6583.cab [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\WISO\Sparbuch 2010\updates\s6689.cab [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\WISO\Sparbuch 2010\updates\s6697.cab [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\WISO\Sparbuch 2010\updates\s6739.cab [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\WISO\Sparbuch 2010\updates\s6777.cab [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Program Files (x86)\WISO\Sparbuch 2010\updates\s6801.cab [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\Intel\WiFi\Help\wassistchs.chm [WARNUNG] Die komprimierten Daten sind fehlerhaft E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\Java\jre6\lib\charsets.jar [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\Java\jre6\lib\deploy.jar [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\Java\jre6\lib\plugin.jar [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\Java\jre6\lib\resources.jar [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\Java\jre6\lib\rt.jar [WARNUNG] Der Archivheader ist defekt E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\Java\jre6\lib\ext\localedata.jar [WARNUNG] Unerwartetes Dateiende erreicht E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\mcafee\msc\oeminfo\MPS\mpsUC.cab [WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen. E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\mcafee\msk\mskcmcnt.cab [WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen. E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\Microsoft Security Client\Backup\amd64\windows6.0-kb981889-v2.msu [WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen. E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Programme\Microsoft Security Client\Backup\amd64\windows6.1-kb981889.msu [WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen. E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Windows\Drivers\EXE\Bluetooth Driver (Broadcom)\Win64\Data1.cab [WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen. E:\WD SmartWare.swstor\VAIO\Volume.341273b7.abb1.11e0.bc95.f07bcbe8cce5\SONY VAIO\Computer\Lokaler Datenträger\Windows\Drivers\EXE\Graphics Driver (NVIDIA)\Display\nView.cab [WARNUNG] Aus diesem Archiv können keine weiteren Dateien ausgepackt werden. Das Archiv wird geschlossen. Beginne mit der Suche in 'D:\' Der zu durchsuchende Pfad D:\ konnte nicht geöffnet werden! Systemfehler [21]: Das Gerät ist nicht bereit. Ende des Suchlaufs: Samstag, 2. Juni 2012 23:30 Benötigte Zeit: 4:11:15 Stunde(n) Der Suchlauf wurde vollständig durchgeführt. 111155 Verzeichnisse wurden überprüft 1668682 Dateien wurden geprüft 0 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 0 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 1668682 Dateien ohne Befall 16205 Archive wurden durchsucht 45 Warnungen 0 Hinweise Malwarebytes Anti-Malware Logfile: Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.03.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 03.06.2012 12:51:55 mbam-log-2012-06-03 (12-51-55).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 433012 Laufzeit: 1 Stunde(n), 36 Minute(n), 59 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Geändert von Schofseckel (04.06.2012 um 04:03 Uhr) |
|
04.06.2012, 08:13
| #2 |
| /// Malwareteam    | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Mein Name ist Marius und ich werde dir bei deinem Problem helfen. Eines vorneweg: Hinweis: Wir können hier nie dafür garantieren, dass wir sämtliche Reste von Schadsoftware gefunden haben. Eine Formatierung ist meist der schnellste und immer der sicherste Weg. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass dein Rechner clean ist. Eine Bereinigung ist mitunter mit viel Arbeit für dich verbunden.
Vista und Win7 User Alle Tools mit Rechtsklick --> "als Administrator ausführen" starten. Schritt 1: defogger Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop.
Klicke den Re-enable Button nicht ohne Anweisung. Schritt 2: OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)
Schritt 3: aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Schritt 4: TDSS-Killer (Scan) Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Schritt 5: Logfiles posten Ich sehe, dass du Malwarebytes´ Antimalware installiert hast - es legt bei jedem Scan eine Logdatei an. Öffne das Programm, klicke auf den Reiter Logfiles und exportiere alle dort gespeicherten logdateien. Zippe sie und hänge das Archiv mit an deine Antwort an! 
__________________ |
|
04.06.2012, 09:36
| #3 |
| | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Danke Marius für deine schnelle Reaktion. Hier meine Logs:
__________________defogger_disable by jpshortstuff (23.02.10.1) Log created at 09:44 on 04/06/2012 Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Hier meine OTL Logs:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.06.2012 09:51:18 - Run 1
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Nutzer\Desktop\Sicherheit
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,98 Gb Total Physical Memory | 4,02 Gb Available Physical Memory | 67,20% Memory free
11,96 Gb Paging File | 9,57 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,40 Gb Total Space | 363,77 Gb Free Space | 79,88% Space Free | Partition Type: NTFS
Drive E: | 1862,98 Gb Total Space | 1073,37 Gb Free Space | 57,62% Space Free | Partition Type: NTFS
Computer Name: NUTZER-VAIO | User Name: Nutzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery MergeModules x64
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP990_series" = Canon MP990 series MP Drivers
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{1C6B6716-84AC-412A-A296-247D41EBB7FB}" = Setup_msm_VCMS_x64
"{26A24AE4-039D-4CA4-87B4-2F86416018FF}" = Java(TM) 6 Update 18 (64-bit)
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VMp MergeModule x64
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{7BF099BD-10EE-4B04-A195-CAE2742C943E}" = Setup_VEP_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{C69A835B-67A5-4542-AD24-FE36E3140BA9}" = Setup_msm_VOFS_x64
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3366905E6EFF86120E12E2DB3F8F2EDC3B7F5003" = Windows-Treiberpaket - Broadcom HIDClass (09/11/2009 6.3.0.1500)
"4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"C3D0C7A1290AAA6A45D0D0422262CE3370E27BE5" = Windows-Treiberpaket - Broadcom Corporation (BTHUSB) Bluetooth (02/12/2010 6.3.0.3820)
"CCleaner" = CCleaner
"D9022850BCF278EAFBF9EDC8741DC09A1AE20B6B" = Windows-Treiberpaket - Broadcom Corporation (BTHUSB) Bluetooth (02/28/2010 6.3.0.3850)
"Defraggler" = Defraggler
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{0489D044-6386-4BDF-9F98-577D60CF79DD}" = VAIO Entertainment Platform
"{06C05B90-2127-4933-8ABA-61833BDE13FA}" = Einstellungen für VAIO-Inhaltsüberwachung
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1D10C273-3F95-42A2-8371-AB6B1F59821B}" = WOT for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2BDD5DFD-9F1F-4754-8BEB-A780D49E8C73}" = Sony Home Network Library
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A221E47-E361-45C3-886A-7B2D7AD0E5AA}" = SOHLib Merge Module
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update 5
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{641DD10E-47E0-4A1D-B858-EF507F948C50}" = VAIO Hardware Diagnostics
"{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote-Tastatur mit PlayStation 3
"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D423AE8-0E7D-4703-8EF7-500C5D36FD7F}" = Sony Home Network Library
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{95140000-0080-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98F2FA0E-923A-48C2-8EC7-62BD97E38FC0}" = VAIO Data Restore Tool
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A6B90666-2A1F-49E8-A40E-27EAAD11C096}" = Sony Home Network Library
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AB270FA2-DF21-4C3A-99DB-3300802089AE}" = Garmin City Navigator Europe (Unicode) NT 2012.40 Update
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{C416CBB4-00BA-4E78-878A-590C5FD4A7A1}" = VAIO Media plus
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C8A09003-7FAB-4D48-99DD-DC2A734EC9FA}" = Remote Play with PlayStation 3
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}" = ArcSoft PhotoStudio 6
"{EFBA1469-E0DA-4825-96AB-12B2988E9A28}" = Media Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ahnenblatt_is1" = Ahnenblatt 2.70
"Avira AntiVir Desktop" = Avira Antivirus Premium 2012
"Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
"Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
"Canon MP990 series Benutzerregistrierung" = Canon MP990 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"Nokia Suite" = Nokia Suite
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.02.4
"Picasa 3" = Picasa 3
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 25.05.2012 08:09:28 | Computer Name = Nutzer-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.05.2012 08:10:11 | Computer Name = Nutzer-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.05.2012 08:38:29 | Computer Name = Nutzer-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.05.2012 12:57:45 | Computer Name = Nutzer-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.05.2012 14:37:33 | Computer Name = Nutzer-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\phonostar-player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 28.05.2012 14:58:37 | Computer Name = Nutzer-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\phonostar-player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.05.2012 02:51:49 | Computer Name = Nutzer-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.05.2012 02:52:54 | Computer Name = Nutzer-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.05.2012 03:35:57 | Computer Name = Nutzer-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.05.2012 06:42:32 | Computer Name = Nutzer-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
[ Media Center Events ]
Error - 04.04.2012 11:05:44 | Computer Name = Nutzer-VAIO | Source = MCUpdate | ID = 0
Description = 17:05:43 - Fehler beim Herstellen der Internetverbindung. 17:05:44
- Serververbindung konnte nicht hergestellt werden..
Error - 04.04.2012 11:06:36 | Computer Name = Nutzer-VAIO | Source = MCUpdate | ID = 0
Description = 17:05:52 - Fehler beim Herstellen der Internetverbindung. 17:05:52
- Serververbindung konnte nicht hergestellt werden..
Error - 08.04.2012 14:04:17 | Computer Name = Nutzer-VAIO | Source = MCUpdate | ID = 0
Description = 20:04:17 - Fehler beim Herstellen der Internetverbindung. 20:04:17
- Serververbindung konnte nicht hergestellt werden..
Error - 08.04.2012 14:04:26 | Computer Name = Nutzer-VAIO | Source = MCUpdate | ID = 0
Description = 20:04:23 - Fehler beim Herstellen der Internetverbindung. 20:04:23
- Serververbindung konnte nicht hergestellt werden..
Error - 16.04.2012 12:25:15 | Computer Name = Nutzer-VAIO | Source = MCUpdate | ID = 0
Description = 18:25:15 - Fehler beim Herstellen der Internetverbindung. 18:25:15
- Serververbindung konnte nicht hergestellt werden..
Error - 16.04.2012 12:25:27 | Computer Name = Nutzer-VAIO | Source = MCUpdate | ID = 0
Description = 18:25:20 - Fehler beim Herstellen der Internetverbindung. 18:25:20
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 23.05.2012 08:06:11 | Computer Name = Nutzer-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:06:11 | Computer Name = Nutzer-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:06:12 | Computer Name = Nutzer-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:06:32 | Computer Name = Nutzer-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:06:53 | Computer Name = Nutzer-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:07:23 | Computer Name = Nutzer-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:07:23 | Computer Name = Nutzer-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:07:24 | Computer Name = Nutzer-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:07:44 | Computer Name = Nutzer-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:08:06 | Computer Name = Nutzer-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
< End of report >
OTL Logfile: Code:
ATTFilter OTL logfile created on: 04.06.2012 09:51:18 - Run 1 OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\nutzer\Desktop\Sicherheit 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,98 Gb Total Physical Memory | 4,02 Gb Available Physical Memory | 67,20% Memory free 11,96 Gb Paging File | 9,57 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455,40 Gb Total Space | 363,77 Gb Free Space | 79,88% Space Free | Partition Type: NTFS Drive E: | 1862,98 Gb Total Space | 1073,37 Gb Free Space | 57,62% Space Free | Partition Type: NTFS Computer Name: NUTZER-VAIO | User Name: nutzer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Nutzer\Desktop\Defogger.exe () PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\Nutzer\Desktop\Sicherheit\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Modules (No Company Name) ========== MOD - C:\Users\nutzer\Desktop\Defogger.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\WOT\WOT.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (VCService) -- C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation) SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions) SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) Intel(R) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (FLxHCIc) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic) DRV:64bit: - (FLxHCIh) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc) DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc) DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\drivers\ViaHub3.sys (VIA Technologies, Inc.) DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\drivers\xhcdrv.sys (VIA Technologies, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.) DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\drivers\SiWinAcc.sys (Silicon Image, Inc.) DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\drivers\SiRemFil.sys (Silicon Image, Inc.) DRV:64bit: - (Si3124r5) -- C:\Windows\SysNative\drivers\Si3124r5.sys (Silicon Image, Inc) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (adp3132) -- C:\Windows\SysNative\drivers\adp3132.sys (Adaptec, Inc.) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV:64bit: - (ahcix64s) -- C:\Windows\SysNative\drivers\ahcix64s.sys (AMD Technologies Inc.) DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Nachrichten - Service - Shopping bei t-online.de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( ) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.02.28 15:05:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.02.28 15:06:01 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll () O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll () O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll () O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation) O4 - HKCU..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe (Sony Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50023FD4-732F-43D8-B217-5AC91BB2A015}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wot - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll () O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.06.03 02:25:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.06.02 11:33:28 | 000,000,000 | ---D | C] -- C:\Users\nutzer\Documents\2012_06_02 [2012.06.01 09:17:25 | 000,000,000 | R-SD | C] -- C:\Users\nutzer\Documents\My Stationery [2012.05.20 18:06:50 | 000,000,000 | ---D | C] -- C:\Users\nutzer\AppData\Roaming\Roxio [2012.05.20 18:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio [2012.05.20 18:02:25 | 000,000,000 | ---D | C] -- C:\Users\nutzer\AppData\Roaming\Roxio Log Files [2012.05.20 09:43:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\TAGESGELD [2012.05.17 15:42:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache [2012.05.17 13:39:50 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\nutzer\HiJackThis204.exe [2012.05.14 09:29:44 | 000,000,000 | ---D | C] -- C:\Users\nutzer\AppData\Roaming\Corel [2012.05.14 09:29:31 | 000,000,000 | ---D | C] -- C:\Users\nutzer\Corel [2012.05.10 22:58:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender [2012.05.10 12:44:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.05.09 18:57:01 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012.05.09 18:56:59 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.05.09 18:56:57 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.05.09 18:56:57 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.05.08 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\WDCSAM [2012.05.08 14:16:31 | 000,000,000 | ---D | C] -- C:\Users\nutzer\AppData\Roaming\Avira [2012.05.08 14:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.05.08 14:14:53 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.05.08 14:14:53 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.05.08 14:14:53 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.05.08 14:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.05.08 14:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.05.05 17:26:26 | 000,000,000 | ---D | C] -- C:\Users\nutzer\AppData\Local\Eraser 6 [2012.05.05 16:03:09 | 008,769,696 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2 C:\Users\nutzer\AppData\Local\*.tmp files -> C:\Users\nutzer\AppData\Local\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.04 09:44:46 | 000,000,000 | ---- | M] () -- C:\Users\Nutzer\defogger_reenable [2012.06.04 09:43:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.06.04 09:41:09 | 000,050,477 | ---- | M] () -- C:\Users\Nutzer\Desktop\Defogger.exe [2012.06.04 09:24:17 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.04 09:24:17 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.04 09:20:05 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.06.04 09:16:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.04 09:16:31 | 522,760,191 | -HS- | M] () -- C:\hiberfil.sys [2012.06.04 05:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.03 14:50:28 | 000,015,629 | ---- | M] () -- C:\Users\Nutzer\prüfung15 [2012.06.02 15:35:06 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.02 15:35:06 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.02 15:35:06 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.02 15:35:06 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.02 15:35:06 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.02 15:21:32 | 000,000,448 | ---- | M] () -- C:\Users\Public\Documents\cc_20120602_152128.reg [2012.06.02 15:10:31 | 000,015,504 | ---- | M] () -- C:\Users\Nutzer\prüfung [2012.06.01 19:46:41 | 000,000,958 | ---- | M] () -- C:\Windows\wiso.ini [2012.05.31 21:39:44 | 000,038,465 | ---- | M] () -- C:\Users\Nutzer\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2012.05.31 15:34:23 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2012.05.21 23:33:45 | 000,177,103 | ---- | M] () -- C:\Users\Public\Documents\Messetickets-Rg.12-0001091716_bfc8fbcb5be0ace39311b33c0584809a.pdf [2012.05.21 23:28:44 | 000,671,330 | ---- | M] () -- C:\Users\Nutzer\Documents\Messetickets ges_12-0001091716_6b50461e19a4707da5ff7c5f4153da5e.pdf [2012.05.21 09:22:08 | 000,000,448 | ---- | M] () -- C:\Users\Nutzer\Documents\cc_20120521_092203.reg [2012.05.20 17:36:34 | 019,840,742 | ---- | M] () -- C:\Users\Nutzer\Documents\Dual Golden 1 # Bedienungsanleitung.pdf [2012.05.17 13:43:29 | 000,015,087 | ---- | M] () -- C:\Users\Public\Documents\prüfung [2012.05.17 13:39:59 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Nutzer\HiJackThis204.exe [2012.05.14 15:30:57 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.05.14 15:30:57 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.05.11 00:41:36 | 000,013,540 | ---- | M] () -- C:\Users\Public\Documents\cc_20120511_004131.reg [2012.05.10 09:01:04 | 000,391,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.05.08 17:00:19 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2012.05.08 14:13:05 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.05.06 22:50:27 | 000,000,858 | ---- | M] () -- C:\Users\Public\Documents\cc_20120506_225022.reg [2012.05.05 16:03:34 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.05.05 16:03:34 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.05.05 16:03:16 | 008,769,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2 C:\Users\Nutzer\AppData\Local\*.tmp files -> C:\Users\Nutzer\AppData\Local\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.04 09:44:46 | 000,000,000 | ---- | C] () -- C:\Users\Nutzer\defogger_reenable [2012.06.04 09:41:09 | 000,050,477 | ---- | C] () -- C:\Users\Nutzer\Desktop\Defogger.exe [2012.06.03 14:50:28 | 000,015,629 | ---- | C] () -- C:\Users\Nutzer\prüfung15 [2012.06.02 15:21:30 | 000,000,448 | ---- | C] () -- C:\Users\Public\Documents\cc_20120602_152128.reg [2012.06.02 15:10:31 | 000,015,504 | ---- | C] () -- C:\Users\Nutzer\prüfung [2012.05.31 21:39:44 | 000,038,465 | ---- | C] () -- C:\Users\Nutzer\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2012.05.21 23:33:45 | 000,177,103 | ---- | C] () -- C:\Users\Public\Documents\Messetickets-Rg.12-0001091716_bfc8fbcb5be0ace39311b33c0584809a.pdf [2012.05.21 23:28:36 | 000,671,330 | ---- | C] () -- C:\Users\Nutzer\Documents\Messetickets ges_12-0001091716_6b50461e19a4707da5ff7c5f4153da5e.pdf [2012.05.21 09:22:04 | 000,000,448 | ---- | C] () -- C:\Users\Public\Documents\cc_20120521_092203.reg [2012.05.20 17:36:26 | 019,840,742 | ---- | C] () -- C:\Users\Nutzer\Documents\Dual Golden 1 # Bedienungsanleitung.pdf [2012.05.17 13:43:29 | 000,015,087 | ---- | C] () -- C:\Users\Public\Documents\prüfung [2012.05.14 09:29:43 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2012.05.11 00:41:33 | 000,013,540 | ---- | C] () -- C:\Users\Public\Documents\cc_20120511_004131.reg [2012.05.06 22:50:25 | 000,000,858 | ---- | C] () -- C:\Users\Public\Documents\cc_20120506_225022.reg [2012.04.09 09:59:11 | 000,006,144 | ---- | C] () -- C:\Users\Nutzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.20 17:29:52 | 000,000,958 | ---- | C] () -- C:\Windows\wiso.ini [2012.02.20 08:47:41 | 000,059,232 | ---- | C] () -- C:\Windows\SysWow64\CNC990W.DAT [2012.02.14 17:21:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.02.14 17:21:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.02.14 17:21:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.02.14 17:21:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.02.14 17:21:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.02.14 16:24:09 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.02.10 11:24:10 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll [2012.02.10 11:19:06 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml ========== Files - Unicode (All) ========== [2012.02.18 19:46:24 | 000,004,709 | ---- | C] ()(C:\Users\Nutzer\Documents\?????????.odt) -- C:\Users\Nutzer\Documents\КЕЛБМІНЦІ.odt [2010.12.17 14:33:56 | 000,004,709 | ---- | M] ()(C:\Users\Nutzer\Documents\?????????.odt) -- C:\Users\Nutzer\Documents\КЕЛБМІНЦІ.odt < End of report > Die von dir vorgeschlagenen Schritte 3 bis 5 poste ich in meiner nächsten Antwort. |
|
04.06.2012, 13:37
| #4 |
| | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Hallo Marius, bitte entschuldige, meine vorigen OTL-Logfiles stammen von einer älteren Version von OTL. Soll ich Dir Logs mit der neuesten OTL-Version schicken? Mit dem aswMBR-Scanner habe ich vergeblich mehrere Male zu scannen versucht. Der Scanner stoppt bei "C:\Wndows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications" und meldet "Das Programm wird aufgrund eines Problems nicht richtig ausgeführt. Das Programm wird geschlossen und Sie werden benachrichtigt, wenn eine Lösung verfügbar ist." Mit dem TDSS-Killer habe ich einen Scan durchgeführt mit dem Ergebnis "No threats found". 13:27:51.0551 7008 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16 13:27:51.0894 7008 ============================================================ 13:27:51.0894 7008 Current date / time: 2012/06/04 13:27:51.0894 13:27:51.0894 7008 SystemInfo: 13:27:51.0894 7008 13:27:51.0894 7008 OS Version: 6.1.7601 ServicePack: 1.0 13:27:51.0894 7008 Product type: Workstation 13:27:51.0894 7008 ComputerName: ***-VAIO 13:27:51.0894 7008 UserName: *** 13:27:51.0894 7008 Windows directory: C:\Windows 13:27:51.0894 7008 System windows directory: C:\Windows 13:27:51.0894 7008 Running under WOW64 13:27:51.0894 7008 Processor architecture: Intel x64 13:27:51.0894 7008 Number of processors: 8 13:27:51.0894 7008 Page size: 0x1000 13:27:51.0894 7008 Boot type: Normal boot 13:27:51.0894 7008 ============================================================ 13:27:52.0612 7008 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:27:52.0627 7008 Drive \Device\Harddisk1\DR1 - Size: 0x1D1BF100000 (1862.99 Gb), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 13:27:53.0064 7008 ============================================================ 13:27:53.0064 7008 \Device\Harddisk0\DR0: 13:27:53.0064 7008 MBR partitions: 13:27:53.0064 7008 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1487800, BlocksNum 0x32000 13:27:53.0064 7008 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14B9800, BlocksNum 0x38ECC000 13:27:53.0064 7008 \Device\Harddisk1\DR1: 13:27:53.0064 7008 MBR partitions: 13:27:53.0064 7008 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8DF8000 13:27:53.0064 7008 ============================================================ 13:27:53.0095 7008 C: <-> \Device\Harddisk0\DR0\Partition1 13:27:53.0127 7008 E: <-> \Device\Harddisk1\DR1\Partition0 13:27:53.0127 7008 ============================================================ 13:27:53.0127 7008 Initialize success 13:27:53.0127 7008 ============================================================ 13:28:38.0616 3400 ============================================================ 13:28:38.0616 3400 Scan started 13:28:38.0616 3400 Mode: Manual; TDLFS; 13:28:38.0616 3400 ============================================================ 13:28:39.0443 3400 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 13:28:39.0443 3400 1394ohci - ok 13:28:39.0521 3400 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 13:28:39.0537 3400 ACDaemon - ok 13:28:39.0599 3400 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 13:28:39.0615 3400 ACPI - ok 13:28:39.0630 3400 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 13:28:39.0646 3400 AcpiPmi - ok 13:28:39.0693 3400 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 13:28:39.0693 3400 AdobeARMservice - ok 13:28:39.0849 3400 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 13:28:39.0849 3400 AdobeFlashPlayerUpdateSvc - ok 13:28:39.0911 3400 adp3132 (132190688d8e51d61f88a150d7df9fb4) C:\Windows\system32\drivers\adp3132.sys 13:28:39.0927 3400 adp3132 - ok 13:28:40.0005 3400 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 13:28:40.0036 3400 adp94xx - ok 13:28:40.0098 3400 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 13:28:40.0098 3400 adpahci - ok 13:28:40.0145 3400 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 13:28:40.0161 3400 adpu320 - ok 13:28:40.0192 3400 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 13:28:40.0192 3400 AeLookupSvc - ok 13:28:40.0270 3400 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 13:28:40.0285 3400 AFD - ok 13:28:40.0317 3400 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 13:28:40.0332 3400 agp440 - ok 13:28:40.0363 3400 ahcix64s (ad7decef1655b9d1d9a79e9afe0aa186) C:\Windows\system32\drivers\ahcix64s.sys 13:28:40.0379 3400 ahcix64s - ok 13:28:40.0395 3400 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 13:28:40.0395 3400 ALG - ok 13:28:40.0410 3400 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 13:28:40.0410 3400 aliide - ok 13:28:40.0473 3400 ALSysIO - ok 13:28:40.0519 3400 amdhub30 (30bfeee0dffd5bd79d29157cf080deed) C:\Windows\system32\drivers\amdhub30.sys 13:28:40.0519 3400 amdhub30 - ok 13:28:40.0535 3400 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 13:28:40.0551 3400 amdide - ok 13:28:40.0566 3400 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 13:28:40.0566 3400 AmdK8 - ok 13:28:40.0582 3400 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 13:28:40.0597 3400 AmdPPM - ok 13:28:40.0629 3400 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 13:28:40.0644 3400 amdsata - ok 13:28:40.0675 3400 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 13:28:40.0691 3400 amdsbs - ok 13:28:40.0707 3400 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 13:28:40.0707 3400 amdxata - ok 13:28:40.0753 3400 amdxhc (321533578132c811ec834a1b741c994c) C:\Windows\system32\drivers\amdxhc.sys 13:28:40.0753 3400 amdxhc - ok 13:28:40.0800 3400 amd_sata (2fbb00a7616106b95104574c6cd640c2) C:\Windows\system32\drivers\amd_sata.sys 13:28:40.0800 3400 amd_sata - ok 13:28:40.0831 3400 amd_xata (87d0d7645cb0d53220649bd5fe15d93e) C:\Windows\system32\drivers\amd_xata.sys 13:28:40.0831 3400 amd_xata - ok 13:28:40.0972 3400 AntiVirMailService (b9b5dfafea592bd4ca967824ebb42e3d) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe 13:28:40.0987 3400 AntiVirMailService - ok 13:28:41.0050 3400 AntiVirSchedulerService (67b1d78711b4386c26241096326ee14a) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 13:28:41.0065 3400 AntiVirSchedulerService - ok 13:28:41.0097 3400 AntiVirService (845c4e7ae211edad5e0b832126f56932) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 13:28:41.0097 3400 AntiVirService - ok 13:28:41.0159 3400 AntiVirWebService (30d71e0c149943a8985d02ea0944f2fe) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 13:28:41.0175 3400 AntiVirWebService - ok 13:28:41.0237 3400 ApfiltrService (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\DRIVERS\Apfiltr.sys 13:28:41.0253 3400 ApfiltrService - ok 13:28:41.0284 3400 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 13:28:41.0299 3400 AppID - ok 13:28:41.0315 3400 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 13:28:41.0315 3400 AppIDSvc - ok 13:28:41.0346 3400 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 13:28:41.0346 3400 Appinfo - ok 13:28:41.0409 3400 arc (d2c224a80234064c97285767ab6ea823) C:\Windows\system32\drivers\arc.sys 13:28:41.0424 3400 arc - ok 13:28:41.0440 3400 arcsas (aa9e02257fec7f416bdd97644b84fd73) C:\Windows\system32\drivers\arcsas.sys 13:28:41.0455 3400 arcsas - ok 13:28:41.0471 3400 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 13:28:41.0471 3400 ArcSoftKsUFilter - ok 13:28:41.0518 3400 asmthub3 (6fe3237c1177e66437e7ad0e8ac1a6e5) C:\Windows\system32\drivers\asmthub3.sys 13:28:41.0533 3400 asmthub3 - ok 13:28:41.0580 3400 asmtxhci (c4043e39a2abbc56581ca25df161e9f7) C:\Windows\system32\drivers\asmtxhci.sys 13:28:41.0611 3400 asmtxhci - ok 13:28:41.0627 3400 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 13:28:41.0643 3400 AsyncMac - ok 13:28:41.0674 3400 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 13:28:41.0674 3400 atapi - ok 13:28:41.0861 3400 athr (08baaa2432e81031a6c3b11ad5a67e2b) C:\Windows\system32\DRIVERS\athrx.sys 13:28:41.0939 3400 athr - ok 13:28:42.0111 3400 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 13:28:42.0142 3400 AudioEndpointBuilder - ok 13:28:42.0157 3400 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 13:28:42.0157 3400 AudioSrv - ok 13:28:42.0235 3400 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 13:28:42.0235 3400 avgntflt - ok 13:28:42.0267 3400 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 13:28:42.0267 3400 avipbb - ok 13:28:42.0282 3400 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 13:28:42.0298 3400 avkmgr - ok 13:28:42.0360 3400 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Wi13:28:42.0360 3400 AxInstSV - ok 13:28:42.0423 3400 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 13:28:42.0454 3400 b06bdrv - ok 13:28:42.0501 3400 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 13:28:42.0516 3400 b57nd60a - ok 13:28:42.0547 3400 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 13:28:42.0563 3400 BDESVC - ok 13:28:42.0563 3400 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 13:28:42.0563 3400 Beep - ok 13:28:42.0641 3400 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 13:28:42.0657 3400 BFE - ok 13:28:42.0750 3400 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll 13:28:42.0781 3400 BITS - ok 13:28:42.0828 3400 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 13:28:42.0828 3400 blbdrive - ok 13:28:42.0859 3400 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 13:28:42.0859 3400 bowser - ok 13:28:42.0891 3400 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 13:28:42.0891 3400 BrFiltLo - ok 13:28:42.0906 3400 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 13:28:42.0906 3400 BrFiltUp - ok 13:28:42.0937 3400 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 13:28:42.0937 3400 BridgeMP - ok 13:28:42.0969 3400 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 13:28:42.0969 3400 Browser - ok 13:28:43.0000 3400 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 13:28:43.0015 3400 Brserid - ok 13:28:43.0031 3400 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 13:28:43.0031 3400 BrSerWdm - ok 13:28:43.0047 3400 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 13:28:43.0047 3400 BrUsbMdm - ok 13:28:43.0062 3400 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 13:28:43.0062 3400 BrUsbSer - ok 13:28:43.0109 3400 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 13:28:43.0125 3400 BthEnum - ok 13:28:43.0125 3400 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 13:28:43.0140 3400 BTHMODEM - ok 13:28:43.0156 3400 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 13:28:43.0156 3400 BthPan - ok 13:28:43.0218 3400 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 13:28:43.0234 3400 BTHPORT - ok 13:28:43.0281 3400 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll ndows\System32\AxInstSV.dll 13:28:43.0281 3400 bthserv - ok 13:28:43.0296 3400 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 13:28:43.0296 3400 BTHUSB - ok 13:28:43.0359 3400 btwampfl (71a07b6fc98030935e60edbffe9e9c85) C:\Windows\system32\drivers\btwampfl.sys 13:28:43.0359 3400 btwampfl - ok 13:28:43.0405 3400 btwaudio (ba5622f5544c6c445dff1a05acc8b19d) C:\Windows\system32\drivers\btwaudio.sys 13:28:43.0405 3400 btwaudio - ok 13:28:43.0437 3400 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys 13:28:43.0452 3400 btwavdt - ok 13:28:43.0577 3400 btwdins (1af4adb12e5ec25041166da38c3b42c9) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 13:28:43.0608 3400 btwdins - ok 13:28:43.0624 3400 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys 13:28:43.0624 3400 btwl2cap - ok 13:28:43.0639 3400 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys 13:28:43.0639 3400 btwrchid - ok 13:28:43.0671 3400 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 13:28:43.0671 3400 cdfs - ok 13:28:43.0702 3400 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 13:28:43.0717 3400 cdrom - ok 13:28:43.0764 3400 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 13:28:43.0764 3400 CertPropSvc - ok 13:28:43.0780 3400 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 13:28:43.0780 3400 circlass - ok 13:28:43.0842 3400 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 13:28:43.0842 3400 CLFS - ok 13:28:43.0920 3400 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:28:43.0920 3400 clr_optimization_v2.0.50727_32 - ok 13:28:43.0967 3400 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 13:28:43.0967 3400 clr_optimization_v2.0.50727_64 - ok 13:28:44.0029 3400 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:28:44.0045 3400 clr_optimization_v4.0.30319_32 - ok 13:28:44.0092 3400 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 13:28:44.0107 3400 clr_optimization_v4.0.30319_64 - ok 13:28:44.0139 3400 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 13:28:44.0139 3400 CmBatt - ok 13:28:44.0170 3400 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 13:28:44.0170 3400 cmdide - ok 13:28:44.0232 3400 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 13:28:44.0248 3400 CNG - ok 13:28:44.0263 3400 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 13:28:44.0263 3400 Compbatt - ok 13:28:44.0310 3400 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 13:28:44.0310 3400 CompositeBus - ok 13:28:44.0326 3400 COMSysApp - ok 13:28:44.0341 3400 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 13:28:44.0357 3400 crcdisk - ok 13:28:44.0388 3400 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 13:28:44.0388 3400 CryptSvc - ok 13:28:44.0466 3400 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 13:28:44.0497 3400 DcomLaunch - ok 13:28:44.0529 3400 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 13:28:44.0544 3400 defragsvc - ok 13:28:44.0575 3400 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 13:28:44.0575 3400 DfsC - ok 13:28:44.0622 3400 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 13:28:44.0622 3400 Dhcp - ok 13:28:44.0638 3400 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 13:28:44.0638 3400 discache - ok 13:28:44.0669 3400 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 13:28:44.0669 3400 Disk - ok 13:28:44.0700 3400 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 13:28:44.0716 3400 Dnscache - ok 13:28:44.0747 3400 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 13:28:44.0763 3400 dot3svc - ok 13:28:44.0794 3400 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 13:28:44.0809 3400 DPS - ok 13:28:44.0825 3400 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 13:28:44.0825 3400 drmkaud - ok 13:28:44.0919 3400 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 13:28:44.0950 3400 DXGKrnl - ok 13:28:44.0997 3400 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 13:28:44.0997 3400 EapHost - ok 13:28:45.0231 3400 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 13:28:45.0293 3400 ebdrv - ok 13:28:45.0418 3400 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 13:28:45.0418 3400 EFS - ok 13:28:45.0511 3400 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 13:28:45.0527 3400 ehRecvr - ok 13:28:45.0574 3400 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 13:28:45.0574 3400 ehSched - ok 13:28:45.0667 3400 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 13:28:45.0683 3400 elxstor - ok 13:28:45.0699 3400 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 13:28:45.0714 3400 ErrDev - ok 13:28:45.0730 3400 EtronHub3 (72eccb2f5c9cfc32a9b2a60933832501) C:\Windows\System32\Drivers\EtronHub3.sys 13:28:45.0730 3400 EtronHub3 - ok 13:28:45.0761 3400 EtronXHCI (7bb310f6fb9e1b9d21dd2ce7eb0d5464) C:\Windows\System32\Drivers\EtronXHCI.sys 13:28:45.0777 3400 EtronXHCI - ok 13:28:45.0823 3400 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 13:28:45.0839 3400 EventSystem - ok 13:28:46.0026 3400 EvtEng (51643ee2712d9212e1e53ca7e8d8eb4a) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 13:28:46.0073 3400 EvtEng - ok 13:28:46.0229 3400 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 13:28:46.0245 3400 exfat - ok 13:28:46.0260 3400 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 13:28:46.0276 3400 fastfat - ok 13:28:46.0354 3400 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 13:28:46.0369 3400 Fax - ok 13:28:46.0385 3400 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 13:28:46.0385 3400 fdc - ok 13:28:46.0432 3400 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 13:28:46.0432 3400 fdPHost - ok 13:28:46.0463 3400 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 13:28:46.0463 3400 FDResPub - ok 13:28:46.0494 3400 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 13:28:46.0494 3400 FileInfo - ok 13:28:46.0510 3400 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 13:28:46.0510 3400 Filetrace - ok 13:28:46.0525 3400 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 13:28:46.0525 3400 flpydisk - ok 13:28:46.0572 3400 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 13:28:46.0588 3400 FltMgr - ok 13:28:46.0650 3400 FLxHCIc (4a8d45a1de1b1e53f81190ca4e437dd6) C:\Windows\system32\drivers\FLxHCIc.sys 13:28:46.0650 3400 FLxHCIc - ok 13:28:46.0681 3400 FLxHCIh (bb0a3fb710c90d1bc2d78266012c0cf6) C:\Windows\system32\drivers\FLxHCIh.sys 13:28:46.0681 3400 FLxHCIh - ok 13:28:46.0791 3400 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 13:28:46.0822 3400 FontCache - ok 13:28:46.0884 3400 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:28:46.0884 3400 FontCache3.0.0.0 - ok 13:28:46.0900 3400 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 13:28:46.0900 3400 FsDepends - ok 13:28:46.0931 3400 fssfltr (53dab1791917a72738539ad25c4eed7f) C:\Windows\system32\DRIVERS\fssfltr.sys 13:28:46.0931 3400 fssfltr - ok 13:28:47.0056 3400 fsssvc (45b52394f9624237f33a8a3d73c0b221) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 13:28:47.0103 3400 fsssvc - ok 13:28:47.0149 3400 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 13:28:47.0149 3400 Fs_Rec - ok 13:28:47.0196 3400 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 13:28:47.0212 3400 fvevol - ok 13:28:47.0243 3400 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 13:28:47.0243 3400 gagp30kx - ok 13:28:47.0321 3400 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 13:28:47.0352 3400 gpsvc - ok 13:28:47.0415 3400 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:28:47.0430 3400 gupdate - ok 13:28:47.0446 3400 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:28:47.0446 3400 gupdatem - ok 13:28:47.0493 3400 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 13:28:47.0493 3400 gusvc - ok 13:28:47.0524 3400 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 13:28:47.0524 3400 hcw85cir - ok 13:28:47.0586 3400 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 13:28:47.0602 3400 HdAudAddService - ok 13:28:47.0649 3400 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 13:28:47.0649 3400 HDAudBus - ok 13:28:47.0664 3400 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 13:28:47.0664 3400 HidBatt - ok 13:28:47.0695 3400 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 13:28:47.0695 3400 HidBth - ok 13:28:47.0727 3400 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 13:28:47.0727 3400 HidIr - ok 13:28:47.0742 3400 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 13:28:47.0742 3400 hidserv - ok 13:28:47.0773 3400 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 13:28:47.0773 3400 HidUsb - ok 13:28:47.0805 3400 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 13:28:47.0805 3400 hkmsvc - ok 13:28:47.0836 3400 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 13:28:47.0851 3400 HomeGroupListener - ok 13:28:47.0883 3400 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 13:28:47.0898 3400 HomeGroupProvider - ok 13:28:47.0929 3400 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 13:28:47.0929 3400 HpSAMD - ok 13:28:48.0007 3400 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 13:28:48.0054 3400 HTTP - ok 13:28:48.0085 3400 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 13:28:48.0085 3400 hwpolicy - ok 13:28:48.0117 3400 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 13:28:48.0132 3400 i8042prt - ok 13:28:48.0195 3400 iaStor (2fdaec4b02729c48c0fd1b0b4695995b) C:\Windows\system32\drivers\iaStor.sys 13:28:48.0195 3400 iaStor - ok 13:28:48.0273 3400 IAStorDataMgrSvc (cc800d2d9fd467542bac7c186c4774ad) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 13:28:48.0273 3400 IAStorDataMgrSvc - ok 13:28:48.0335 3400 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 13:28:48.0351 3400 iaStorV - ok 13:28:48.0475 3400 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:28:48.0507 3400 idsvc - ok 13:28:48.0538 3400 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 13:28:48.0538 3400 iirsp - ok 13:28:48.0647 3400 IJPLMSVC (a06efd4965f8a3f97a8c9a291d032678) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 13:28:48.0647 3400 IJPLMSVC - ok 13:28:48.0741 3400 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 13:28:48.0772 3400 IKEEXT - ok 13:28:48.0819 3400 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\drivers\Impcd.sys 13:28:48.0834 3400 Impcd - ok 13:28:49.0037 3400 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\Windows\system32\drivers\RTKVHD64.sys 13:28:49.0084 3400 IntcAzAudAddService - ok 13:28:49.0240 3400 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 13:28:49.0240 3400 intelide - ok 13:28:49.0287 3400 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 13:28:49.0287 3400 intelppm - ok 13:28:49.0318 3400 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 13:28:49.0318 3400 IPBusEnum - ok 13:28:49.0349 3400 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:28:49.0349 3400 IpFilterDriver - ok 13:28:49.0443 3400 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 13:28:49.0458 3400 iphlpsvc - ok 13:28:49.0489 3400 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 13:28:49.0489 3400 IPMIDRV - ok 13:28:49.0521 3400 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 13:28:49.0521 3400 IPNAT - ok 13:28:49.0552 3400 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 13:28:49.0552 3400 IRENUM - ok 13:28:49.0583 3400 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 13:28:49.0583 3400 isapnp - ok 13:28:49.0614 3400 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 13:28:49.0630 3400 iScsiPrt - ok 13:28:49.0723 3400 IviRegMgr (213822072085b5bbad9af30ab577d817) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe 13:28:49.0739 3400 IviRegMgr - ok 13:28:49.0770 3400 JRAID (1c368c1a2733dcc5b8e15420aa2b0f6d) C:\Windows\system32\drivers\jraid.sys 13:28:49.0786 3400 JRAID - ok 13:28:49.0817 3400 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 13:28:49.0817 3400 kbdclass - ok 13:28:49.0833 3400 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 13:28:49.0848 3400 kbdhid - ok 13:28:49.0864 3400 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:28:49.0879 3400 KeyIso - ok 13:28:49.0895 3400 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 13:28:49.0895 3400 KSecDD - ok 13:28:49.0926 3400 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 13:28:49.0926 3400 KSecPkg - ok 13:28:49.0957 3400 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 13:28:49.0957 3400 ksthunk - ok 13:28:50.0020 3400 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 13:28:50.0051 3400 KtmRm - ok 13:28:50.0098 3400 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 13:28:50.0098 3400 LanmanServer - ok 13:28:50.0145 3400 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 13:28:50.0145 3400 LanmanWorkstation - ok 13:28:50.0176 3400 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 13:28:50.0176 3400 lltdio - ok 13:28:50.0223 3400 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 13:28:50.0238 3400 lltdsvc - ok 13:28:50.0254 3400 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 13:28:50.0269 3400 lmhosts - ok 13:28:50.0301 3400 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 13:28:50.0316 3400 LSI_FC - ok 13:28:50.0332 3400 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 13:28:50.0347 3400 LSI_SAS - ok 13:28:50.0363 3400 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 13:28:50.0363 3400 LSI_SAS2 - ok 13:28:50.0379 3400 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 13:28:50.0379 3400 LSI_SCSI - ok 13:28:50.0410 3400 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 13:28:50.0410 3400 luafv - ok 13:28:50.0441 3400 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 13:28:50.0441 3400 Mcx2Svc - ok 13:28:50.0457 3400 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 13:28:50.0457 3400 megasas - ok 13:28:50.0503 3400 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 13:28:50.0503 3400 MegaSR - ok 13:28:50.0519 3400 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 13:28:50.0519 3400 MMCSS - ok 13:28:50.0550 3400 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 13:28:50.0550 3400 Modem - ok 13:28:50.0566 3400 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 13:28:50.0566 3400 monitor - ok 13:28:50.0613 3400 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 13:28:50.0613 3400 mouclass - ok 13:28:50.0628 3400 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 13:28:50.0628 3400 mouhid - ok 13:28:50.0659 3400 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 13:28:50.0675 3400 mountmgr - ok 13:28:50.0706 3400 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 13:28:50.0706 3400 mpio - ok 13:28:50.0737 3400 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 13:28:50.0737 3400 mpsdrv - ok 13:28:50.0815 3400 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 13:28:50.0831 3400 MpsSvc - ok 13:28:50.0862 3400 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 13:28:50.0862 3400 MRxDAV - ok 13:28:50.0909 3400 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 13:28:50.0909 3400 mrxsmb - ok 13:28:50.0940 3400 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:28:50.0956 3400 mrxsmb10 - ok 13:28:50.0987 3400 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:28:50.0987 3400 mrxsmb20 - ok 13:28:51.0034 3400 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 13:28:51.0034 3400 msahci - ok 13:28:51.0049 3400 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 13:28:51.0065 3400 msdsm - ok 13:28:51.0096 3400 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 13:28:51.0096 3400 MSDTC - ok 13:28:51.0143 3400 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 13:28:51.0143 3400 Msfs - ok 13:28:51.0143 3400 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 13:28:51.0159 3400 mshidkmdf - ok 13:28:51.0174 3400 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 13:28:51.0174 3400 msisadrv - ok 13:28:51.0190 3400 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 13:28:51.0205 3400 MSiSCSI - ok 13:28:51.0205 3400 msiserver - ok 13:28:51.0221 3400 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 13:28:51.0221 3400 MSKSSRV - ok 13:28:51.0237 3400 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 13:28:51.0237 3400 MSPCLOCK - ok 13:28:51.0252 3400 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 13:28:51.0252 3400 MSPQM - ok 13:28:51.0283 3400 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 13:28:51.0299 3400 MsRPC - ok 13:28:51.0315 3400 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 13:28:51.0315 3400 mssmbios - ok 13:28:51.0346 3400 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 13:28:51.0346 3400 MSTEE - ok 13:28:51.0361 3400 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 13:28:51.0361 3400 MTConfig - ok 13:28:51.0377 3400 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 13:28:51.0377 3400 Mup - ok 13:28:51.0455 3400 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 13:28:51.0471 3400 napagent - ok 13:28:51.0533 3400 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 13:28:51.0533 3400 NativeWifiP - ok 13:28:51.0642 3400 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 13:28:51.0658 3400 NDIS - ok 13:28:51.0689 3400 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 13:28:51.0689 3400 NdisCap - ok 13:28:51.0705 3400 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 13:28:51.0705 3400 NdisTapi - ok 13:28:51.0736 3400 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 13:28:51.0736 3400 Ndisuio - ok 13:28:51.0767 3400 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 13:28:51.0767 3400 NdisWan - ok 13:28:51.0783 3400 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 13:28:51.0783 3400 NDProxy - ok 13:28:51.0814 3400 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 13:28:51.0814 3400 NetBIOS - ok 13:28:51.0861 3400 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 13:28:51.0876 3400 NetBT - ok 13:28:51.0892 3400 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:28:51.0907 3400 Netlogon - ok 13:28:51.0954 3400 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 13:28:51.0970 3400 Netman - ok 13:28:52.0017 3400 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 13:28:52.0048 3400 netprofm - ok 13:28:52.0110 3400 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 13:28:52.0126 3400 NetTcpPortSharing - ok 13:28:52.0641 3400 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys 13:28:52.0750 3400 NETw5s64 - ok 13:28:52.0875 3400 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 13:28:52.0875 3400 nfrd960 - ok 13:28:52.0921 3400 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 13:28:52.0937 3400 NlaSvc - ok 13:28:52.0968 3400 nmwcd (5fe6f8c05f0769bbb74afac11453b182) C:\Windows\system32\drivers\ccdcmbx64.sys 13:28:52.0984 3400 nmwcd - ok 13:28:52.0984 3400 nmwcdc (73c929945c0850b8d1fe2fea05fdf05d) C:\Windows\system32\drivers\ccdcmbox64.sys 13:28:52.0999 3400 nmwcdc - ok 13:28:52.0999 3400 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 13:28:52.0999 3400 Npfs - ok 13:28:53.0031 3400 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 13:28:53.0031 3400 nsi - ok 13:28:53.0031 3400 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 13:28:53.0031 3400 nsiproxy - ok 13:28:53.0171 3400 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 13:28:53.0202 3400 Ntfs - ok 13:28:53.0327 3400 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 13:28:53.0327 3400 Null - ok 13:28:53.0374 3400 nusb3hub (9a33100ac62a0463c49e47ee8e77083a) C:\Windows\system32\drivers\nusb3hub.sys 13:28:53.0389 3400 nusb3hub - ok 13:28:53.0436 3400 nusb3xhc (87c321f7bee646b7ec6eedd6eb725741) C:\Windows\system32\drivers\nusb3xhc.sys 13:28:53.0452 3400 nusb3xhc - ok 13:28:53.0483 3400 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys 13:28:53.0499 3400 NVHDA - ok 13:28:54.0310 3400 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys 13:28:54.0513 3400 nvlddmkm - ok 13:28:54.0653 3400 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 13:28:54.0669 3400 nvraid - ok 13:28:54.0715 3400 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 13:28:54.0731 3400 nvstor - ok 13:28:54.0793 3400 nvsvc (24ab15d09a13d5a40567211a1ab9b479) C:\Windows\system32\nvvsvc.exe 13:28:54.0809 3400 nvsvc - ok 13:28:54.0840 3400 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 13:28:54.0856 3400 nv_agp - ok 13:28:54.0871 3400 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 13:28:54.0887 3400 ohci1394 - ok 13:28:54.0949 3400 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:28:54.0965 3400 ose - ok 13:28:55.0402 3400 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 13:28:55.0495 3400 osppsvc - ok 13:28:55.0636 3400 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 13:28:55.0651 3400 p2pimsvc - ok 13:28:55.0698 3400 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 13:28:55.0714 3400 p2psvc - ok 13:28:55.0761 3400 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 13:28:55.0776 3400 Parport - ok 13:28:55.0807 3400 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 13:28:55.0807 3400 partmgr - ok 13:28:55.0839 3400 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 13:28:55.0839 3400 PcaSvc - ok 13:28:55.0870 3400 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 13:28:55.0870 3400 pccsmcfd - ok 13:28:55.0917 3400 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 13:28:55.0917 3400 pci - ok 13:28:55.0948 3400 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 13:28:55.0948 3400 pciide - ok 13:28:55.0979 3400 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 13:28:55.0995 3400 pcmcia - ok 13:28:56.0010 3400 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 13:28:56.0010 3400 pcw - ok 13:28:56.0073 3400 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 13:28:56.0104 3400 PEAUTH - ok 13:28:56.0182 3400 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 13:28:56.0182 3400 PerfHost - ok 13:28:56.0307 3400 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 13:28:56.0353 3400 pla - ok 13:28:56.0416 3400 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 13:28:56.0431 3400 PlugPlay - ok 13:28:56.0556 3400 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 13:28:56.0572 3400 PMBDeviceInfoProvider - ok 13:28:56.0603 3400 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 13:28:56.0603 3400 PNRPAutoReg - ok 13:28:56.0650 3400 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 13:28:56.0650 3400 PNRPsvc - ok 13:28:56.0712 3400 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 13:28:56.0743 3400 PolicyAgent - ok 13:28:56.0790 3400 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 13:28:56.0790 3400 Power - ok 13:28:56.0853 3400 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 13:28:56.0853 3400 PptpMiniport - ok 13:28:56.0884 3400 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 13:28:56.0884 3400 Processor - ok 13:28:56.0931 3400 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 13:28:56.0931 3400 ProfSvc - ok 13:28:56.0962 3400 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:28:56.0962 3400 ProtectedStorage - ok 13:28:56.0993 3400 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 13:28:56.0993 3400 Psched - ok 13:28:57.0071 3400 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 13:28:57.0087 3400 PSI_SVC_2 - ok 13:28:57.0118 3400 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 13:28:57.0133 3400 PxHlpa64 - ok 13:28:57.0274 3400 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 13:28:57.0321 3400 ql2300 - ok 13:28:57.0461 3400 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 13:28:57.0461 3400 ql40xx - ok 13:28:57.0508 3400 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 13:28:57.0523 3400 QWAVE - ok 13:28:57.0539 3400 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 13:28:57.0539 3400 QWAVEdrv - ok 13:28:57.0555 3400 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 13:28:57.0555 3400 RasAcd - ok 13:28:57.0586 3400 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 13:28:57.0586 3400 RasAgileVpn - ok 13:28:57.0617 3400 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 13:28:57.0617 3400 RasAuto - ok 13:28:57.0648 3400 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 13:28:57.0648 3400 Rasl2tp - ok 13:28:57.0695 3400 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 13:28:57.0726 3400 RasMan - ok 13:28:57.0742 3400 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 13:28:57.0742 3400 RasPppoe - ok 13:28:57.0773 3400 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 13:28:57.0773 3400 RasSstp - ok 13:28:57.0804 3400 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 13:28:57.0820 3400 rdbss - ok 13:28:57.0835 3400 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 13:28:57.0835 3400 rdpbus - ok 13:28:57.0851 3400 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 13:28:57.0851 3400 RDPCDD - ok 13:28:57.0867 3400 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 13:28:57.0867 3400 RDPENCDD - ok 13:28:57.0898 3400 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 13:28:57.0898 3400 RDPREFMP - ok 13:28:57.0929 3400 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 13:28:57.0945 3400 RDPWD - ok 13:28:57.0991 3400 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 13:28:57.0991 3400 rdyboost - ok 13:28:58.0023 3400 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys 13:28:58.0023 3400 regi - ok 13:28:58.0163 3400 RegSrvc (3b71b5b91e7dca93585d5a86c897adc4) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 13:28:58.0210 3400 RegSrvc - ok 13:28:58.0225 3400 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 13:28:58.0241 3400 RemoteAccess - ok 13:28:58.0272 3400 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 13:28:58.0272 3400 RemoteRegistry - ok 13:28:58.0319 3400 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 13:28:58.0335 3400 RFCOMM - ok 13:28:58.0366 3400 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys 13:28:58.0366 3400 rimspci - ok 13:28:58.0397 3400 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys 13:28:58.0397 3400 risdsnpe - ok 13:28:58.0475 3400 Roxio UPnP Renderer 10 (ba6ce930e1453677f7565ae45181ad76) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe 13:28:58.0506 3400 Roxio UPnP Renderer 10 - ok 13:28:58.0553 3400 Roxio Upnp Server 10 (3a3d707a35ea30a6cf88b9e555e3d815) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe 13:28:58.0584 3400 Roxio Upnp Server 10 - ok 13:28:58.0600 3400 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 13:28:58.0600 3400 RpcEptMapper - ok 13:28:58.0615 3400 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 13:28:58.0615 3400 RpcLocator - ok 13:28:58.0678 3400 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 13:28:58.0693 3400 RpcSs - ok 13:28:58.0756 3400 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 13:28:58.0756 3400 rspndr - ok 13:28:58.0803 3400 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:28:58.0803 3400 SamSs - ok 13:28:58.0834 3400 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 13:28:58.0849 3400 sbp2port - ok 13:28:58.0881 3400 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 13:28:58.0881 3400 SCardSvr - ok 13:28:58.0912 3400 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 13:28:58.0912 3400 scfilter - ok 13:28:59.0021 3400 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 13:28:59.0052 3400 Schedule - ok 13:28:59.0083 3400 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 13:28:59.0083 3400 SCPolicySvc - ok 13:28:59.0115 3400 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 13:28:59.0115 3400 sdbus - ok 13:28:59.0146 3400 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 13:28:59.0161 3400 SDRSVC - ok 13:28:59.0193 3400 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 13:28:59.0193 3400 secdrv - ok 13:28:59.0193 3400 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 13:28:59.0208 3400 seclogon - ok 13:28:59.0224 3400 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll 13:28:59.0239 3400 SENS - ok 13:28:59.0239 3400 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 13:28:59.0255 3400 SensrSvc - ok 13:28:59.0271 3400 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 13:28:59.0271 3400 Serenum - ok 13:28:59.0302 3400 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 13:28:59.0302 3400 Serial - ok 13:28:59.0333 3400 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 13:28:59.0333 3400 sermouse - ok 13:28:59.0442 3400 ServiceLayer (f31e9531af225ca25350d5e87e999b31) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 13:28:59.0473 3400 ServiceLayer - ok 13:28:59.0505 3400 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 13:28:59.0505 3400 SessionEnv - ok 13:28:59.0551 3400 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 13:28:59.0551 3400 SFEP - ok 13:28:59.0567 3400 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 13:28:59.0583 3400 sffdisk - ok 13:28:59.0583 3400 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 13:28:59.0583 3400 sffp_mmc - ok 13:28:59.0598 3400 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 13:28:59.0598 3400 sffp_sd - ok 13:28:59.0629 3400 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 13:28:59.0645 3400 sfloppy - ok 13:28:59.0692 3400 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 13:28:59.0707 3400 SharedAccess - ok 13:28:59.0754 3400 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 13:28:59.0770 3400 ShellHWDetection - ok 13:28:59.0817 3400 Si3124r5 (da492c8305434ec6f9bdd60c8b83b10e) C:\Windows\system32\drivers\Si3124r5.sys 13:28:59.0832 3400 Si3124r5 - ok 13:28:59.0863 3400 SiFilter (8d10887a1699cf61e74467694b929b09) C:\Windows\system32\drivers\SiWinAcc.sys 13:28:59.0863 3400 SiFilter - ok 13:28:59.0895 3400 SiRemFil (94e1eda9a0b305a67ee1bbd0a68ce21a) C:\Windows\system32\drivers\SiRemFil.sys 13:28:59.0895 3400 SiRemFil - ok 13:28:59.0910 3400 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 13:28:59.0910 3400 SiSRaid2 - ok 13:28:59.0926 3400 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 13:28:59.0926 3400 SiSRaid4 - ok 13:28:59.0957 3400 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 13:28:59.0957 3400 Smb - ok 13:28:59.0988 3400 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 13:29:00.0004 3400 SNMPTRAP - ok 13:29:00.0097 3400 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 13:29:00.0113 3400 SOHCImp - ok 13:29:00.0160 3400 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe 13:29:00.0175 3400 SOHDms - ok 13:29:00.0207 3400 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 13:29:00.0207 3400 SOHDs - ok 13:29:00.0285 3400 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 13:29:00.0300 3400 SpfService - ok 13:29:00.0331 3400 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 13:29:00.0331 3400 spldr - ok 13:29:00.0409 3400 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 13:29:00.0425 3400 Spooler - ok 13:29:00.0690 3400 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 13:29:00.0768 3400 sppsvc - ok 13:29:00.0924 3400 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 13:29:00.0924 3400 sppuinotify - ok 13:29:01.0002 3400 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 13:29:01.0018 3400 srv - ok 13:29:01.0065 3400 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 13:29:01.0080 3400 srv2 - ok 13:29:01.0111 3400 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 13:29:01.0111 3400 srvnet - ok 13:29:01.0143 3400 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 13:29:01.0158 3400 SSDPSRV - ok 13:29:01.0174 3400 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 13:29:01.0189 3400 SstpSvc - ok 13:29:01.0205 3400 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 13:29:01.0205 3400 stexstor - ok 13:29:01.0267 3400 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 13:29:01.0283 3400 stisvc - ok 13:29:01.0299 3400 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 13:29:01.0314 3400 swenum - ok 13:29:01.0361 3400 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 13:29:01.0377 3400 swprv - ok 13:29:01.0548 3400 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 13:29:01.0579 3400 SysMain - ok 13:29:01.0704 3400 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 13:29:01.0704 3400 TabletInputService - ok 13:29:01.0751 3400 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 13:29:01.0767 3400 TapiSrv - ok 13:29:01.0798 3400 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 13:29:01.0798 3400 TBS - ok 13:29:02.0094 3400 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 13:29:02.0125 3400 Tcpip - ok 13:29:02.0359 3400 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 13:29:02.0391 3400 TCPIP6 - ok 13:29:02.0469 3400 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 13:29:02.0469 3400 tcpipreg - ok 13:29:02.0500 3400 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 13:29:02.0500 3400 TDPIPE - ok 13:29:02.0531 3400 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 13:29:02.0531 3400 TDTCP - ok 13:29:02.0562 3400 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 13:29:02.0562 3400 tdx - ok 13:29:02.0593 3400 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 13:29:02.0593 3400 TermDD - ok 13:29:02.0671 3400 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 13:29:02.0687 3400 TermService - ok 13:29:02.0718 3400 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 13:29:02.0734 3400 Themes - ok 13:29:02.0749 3400 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 13:29:02.0749 3400 THREADORDER - ok 13:29:02.0781 3400 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 13:29:02.0781 3400 TrkWks - ok 13:29:02.0843 3400 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 13:29:02.0843 3400 TrustedInstaller - ok 13:29:02.0874 3400 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 13:29:02.0874 3400 tssecsrv - ok 13:29:02.0905 3400 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 13:29:02.0905 3400 TsUsbFlt - ok 13:29:02.0952 3400 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 13:29:02.0952 3400 tunnel - ok 13:29:02.0968 3400 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 13:29:02.0983 3400 uagp35 - ok 13:29:03.0030 3400 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 13:29:03.0046 3400 uCamMonitor - ok 13:29:03.0093 3400 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 13:29:03.0093 3400 udfs - ok 13:29:03.0139 3400 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 13:29:03.0139 3400 UI0Detect - ok 13:29:03.0171 3400 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 13:29:03.0171 3400 uliagpkx - ok 13:29:03.0217 3400 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 13:29:03.0217 3400 umbus - ok 13:29:03.0233 3400 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 13:29:03.0233 3400 UmPass - ok 13:29:03.0264 3400 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 13:29:03.0295 3400 upnphost - ok 13:29:03.0311 3400 upperdev (34afb83c7bba370e404e52cc2290350c) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 13:29:03.0311 3400 upperdev - ok 13:29:03.0358 3400 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 13:29:03.0373 3400 usbccgp - ok 13:29:03.0389 3400 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 13:29:03.0405 3400 usbcir - ok 13:29:03.0436 3400 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 13:29:03.0436 3400 usbehci - ok 13:29:03.0483 3400 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 13:29:03.0498 3400 usbhub - ok 13:29:03.0514 3400 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 13:29:03.0514 3400 usbohci - ok 13:29:03.0561 3400 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 13:29:03.0561 3400 usbprint - ok 13:29:03.0592 3400 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 13:29:03.0592 3400 usbscan - ok 13:29:03.0623 3400 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\DRIVERS\usbser.sys 13:29:03.0623 3400 usbser - ok 13:29:03.0670 3400 UsbserFilt (aa75e1efbee7186b4cbaaacf1f15e6ca) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 13:29:03.0670 3400 UsbserFilt - ok 13:29:03.0685 3400 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:29:03.0685 3400 USBSTOR - ok 13:29:03.0701 3400 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 13:29:03.0717 3400 usbuhci - ok 13:29:03.0763 3400 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 13:29:03.0763 3400 usbvideo - ok 13:29:03.0795 3400 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 13:29:03.0795 3400 UxSms - ok 13:29:03.0873 3400 VAIO Entertainment TV Device Arbitration Service (8e68e4aa2d7abbf7c9159d9d2a38ae0f) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe 13:29:03.0873 3400 VAIO Entertainment TV Device Arbitration Service - ok 13:29:03.0951 3400 VAIO Event Service (218f78b39832a2a0761ce2422828a57c) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 13:29:03.0966 3400 VAIO Event Service - ok 13:29:04.0060 3400 VAIO Power Management (1cf1a4dd7a58c966c9014b83c7229cf3) C:\Program Files\Sony\VAIO Power Management\SPMService.exe 13:29:04.0091 3400 VAIO Power Management - ok 13:29:04.0107 3400 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 13:29:04.0107 3400 VaultSvc - ok 13:29:04.0200 3400 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 13:29:04.0231 3400 VCFw - ok 13:29:04.0325 3400 VcmIAlzMgr (10e212bfb7eab152a64c1aaec2f7f4e0) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 13:29:04.0341 3400 VcmIAlzMgr - ok 13:29:04.0387 3400 VcmINSMgr (7a88cfd3fe99f2c9b95a6e2a08b96e14) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 13:29:04.0403 3400 VcmINSMgr - ok 13:29:04.0465 3400 VcmXmlIfHelper (8efaaccc7bfa1e9031efdfb01a1b0d69) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 13:29:04.0465 3400 VcmXmlIfHelper - ok 13:29:04.0497 3400 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe 13:29:04.0512 3400 VCService - ok 13:29:04.0653 3400 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 13:29:04.0668 3400 vdrvroot - ok 13:29:04.0715 3400 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 13:29:04.0731 3400 vds - ok 13:29:04.0762 3400 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 13:29:04.0762 3400 vga - ok 13:29:04.0777 3400 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 13:29:04.0777 3400 VgaSave - ok 13:29:04.0824 3400 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 13:29:04.0824 3400 vhdmp - ok 13:29:04.0855 3400 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 13:29:04.0871 3400 viaide - ok 13:29:04.0902 3400 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 13:29:04.0902 3400 volmgr - ok 13:29:04.0949 3400 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 13:29:04.0949 3400 volmgrx - ok 13:29:04.0980 3400 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 13:29:04.0996 3400 volsnap - ok 13:29:05.0027 3400 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 13:29:05.0027 3400 vsmraid - ok 13:29:05.0167 3400 VSNService (047f22bdfdae6df6f1e47e747a1237a2) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 13:29:05.0199 3400 VSNService - ok 13:29:05.0339 3400 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 13:29:05.0370 3400 VSS - ok 13:29:05.0495 3400 VUAgent (8ab3da5ea4f94ee38680b3aced11d57d) C:\Program Files\Sony\VAIO Update 5\VUAgent.exe 13:29:05.0542 3400 VUAgent - ok 13:29:05.0682 3400 VUSB3HUB (5be34bfade20ff6c154b4663605b6212) C:\Windows\system32\drivers\ViaHub3.sys 13:29:05.0698 3400 VUSB3HUB - ok 13:29:05.0713 3400 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 13:29:05.0713 3400 vwifibus - ok 13:29:05.0729 3400 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 13:29:05.0729 3400 vwififlt - ok 13:29:05.0760 3400 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 13:29:05.0760 3400 vwifimp - ok 13:29:05.0823 3400 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 13:29:05.0854 3400 W32Time - ok 13:29:05.0869 3400 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 13:29:05.0885 3400 WacomPen - ok 13:29:05.0916 3400 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 13:29:05.0916 3400 WANARP - ok 13:29:05.0932 3400 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 13:29:05.0932 3400 Wanarpv6 - ok 13:29:06.0072 3400 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 13:29:06.0119 3400 wbengine - ok 13:29:06.0244 3400 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 13:29:06.0244 3400 WbioSrvc - ok 13:29:06.0306 3400 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 13:29:06.0337 3400 wcncsvc - ok 13:29:06.0353 3400 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 13:29:06.0353 3400 WcsPlugInService - ok 13:29:06.0400 3400 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 13:29:06.0400 3400 Wd - ok 13:29:06.0431 3400 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys 13:29:06.0447 3400 WDC_SAM - ok 13:29:06.0509 3400 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 13:29:06.0525 3400 Wdf01000 - ok 13:29:06.0556 3400 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 13:29:06.0556 3400 WdiServiceHost - ok 13:29:06.0556 3400 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 13:29:06.0571 3400 WdiSystemHost - ok 13:29:06.0618 3400 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 13:29:06.0634 3400 WebClient - ok 13:29:06.0665 3400 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 13:29:06.0681 3400 Wecsvc - ok 13:29:06.0696 3400 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 13:29:06.0696 3400 wercplsupport - ok 13:29:06.0727 3400 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 13:29:06.0727 3400 WerSvc - ok 13:29:06.0774 3400 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 13:29:06.0774 3400 WfpLwf - ok 13:29:06.0790 3400 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 13:29:06.0790 3400 WIMMount - ok 13:29:06.0821 3400 WinDefend - ok 13:29:06.0821 3400 WinHttpAutoProxySvc - ok 13:29:06.0883 3400 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 13:29:06.0899 3400 Winmgmt - ok 13:29:07.0071 3400 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 13:29:07.0133 3400 WinRM - ok 13:29:07.0289 3400 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 13:29:07.0289 3400 WinUsb - ok 13:29:07.0367 3400 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 13:29:07.0398 3400 Wlansvc - ok 13:29:07.0414 3400 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 13:29:07.0414 3400 WmiAcpi - ok 13:29:07.0476 3400 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 13:29:07.0476 3400 wmiApSrv - ok 13:29:07.0523 3400 WMPNetworkSvc - ok 13:29:07.0554 3400 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 13:29:07.0570 3400 WPCSvc - ok 13:29:07.0601 3400 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 13:29:07.0601 3400 WPDBusEnum - ok 13:29:07.0632 3400 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 13:29:07.0632 3400 ws2ifsl - ok 13:29:07.0663 3400 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll 13:29:07.0663 3400 wscsvc - ok 13:29:07.0695 3400 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys 13:29:07.0695 3400 WSDPrintDevice - ok 13:29:07.0726 3400 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys 13:29:07.0726 3400 WSDScan - ok 13:29:07.0726 3400 WSearch - ok 13:29:07.0913 3400 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 13:29:07.0975 3400 wuauserv - ok 13:29:08.0131 3400 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 13:29:08.0131 3400 WudfPf - ok 13:29:08.0178 3400 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 13:29:08.0178 3400 WUDFRd - ok 13:29:08.0209 3400 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 13:29:08.0209 3400 wudfsvc - ok 13:29:08.0256 3400 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 13:29:08.0272 3400 WwanSvc - ok 13:29:08.0319 3400 xhcdrv (109b6f1888845661d19b7a458776d5d1) C:\Windows\system32\drivers\xhcdrv.sys 13:29:08.0334 3400 xhcdrv - ok 13:29:08.0397 3400 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys 13:29:08.0412 3400 yukonw7 - ok 13:29:08.0443 3400 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 13:29:08.0943 3400 \Device\Harddisk0\DR0 - ok 13:29:08.0943 3400 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1 13:29:09.0535 3400 \Device\Harddisk1\DR1 - ok 13:29:09.0535 3400 Boot (0x1200) (3705630064fa732b1db9edcd108fe6d1) \Device\Harddisk0\DR0\Partition0 13:29:09.0535 3400 \Device\Harddisk0\DR0\Partition0 - ok 13:29:09.0567 3400 Boot (0x1200) (1a76ed194f7edfcb4391aa366bf286e4) \Device\Harddisk0\DR0\Partition1 13:29:09.0582 3400 \Device\Harddisk0\DR0\Partition1 - ok 13:29:09.0582 3400 Boot (0x1200) (97793c6ebe782489632be676e2c9be30) \Device\Harddisk1\DR1\Partition0 13:29:09.0582 3400 \Device\Harddisk1\DR1\Partition0 - ok 13:29:09.0582 3400 ============================================================ 13:29:09.0582 3400 Scan finished 13:29:09.0582 3400 ============================================================ 13:29:09.0598 2316 Detected object count: 0 13:29:09.0598 2316 Actual detected object count: 0 Wie zippe und hänge ich das Archiv von Malwarebytes an? Ich habe mir die 7-ZiP Anwendung heruntergeladen, schaffe es aber nicht, das Archiv zu zippen. Herzlichen Dank im Voraus für deine weitere Hilfestellung! |
|
04.06.2012, 13:41
| #5 |
| /// Malwareteam | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Poste mir die Logfiles bitte in Codetags - diese Funktion findest du als #-Symbol oben im Antwortfenster. So kannst du auch das MBAM-Log posten. aswMBR: Wenn du beim Programmstart gefragt wirst, verneine das Scannen mit Avast!-Signaturen. Falls dieser download bereits geschehen ist, scanne ohne diese Signaturen - dies kannst du in dem kleinen Menü im Programm selbst einstellen.
__________________ Kein Asylrecht für Trojaner!  Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
04.06.2012, 19:27
| #6 | |||||
| | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Hallo Marius, beim posten aller Logdateien (OTL, MBAM und aswMBR) kam die Meldung: "Die folgenden Fehler traten bei der Verarbeitung auf Sie haben für diese Aktion nicht die benötigte Berechtigung. Bitte laden Sie diese Seite erneut und melden Sie sich an, bevor Sie es erneut versuchen." Deshalb probiere ich, Dir die Logdateien getrennt in drei Antwortfenstern zu übermitteln. Hier nun die neueren OTL-Logs:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.06.2012 11:05:39 - Run 2
OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\***\Desktop\Sicherheit
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,98 Gb Total Physical Memory | 3,66 Gb Available Physical Memory | 61,21% Memory free
11,96 Gb Paging File | 9,14 Gb Available in Paging File | 76,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,40 Gb Total Space | 363,76 Gb Free Space | 79,88% Space Free | Partition Type: NTFS
Drive E: | 1862,98 Gb Total Space | 1073,37 Gb Free Space | 57,62% Space Free | Partition Type: NTFS
Computer Name: ***-VAIO | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12B6A568-BEAA-4832-B07D-AE6A15FAF14B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{18DC69F5-A75D-49BD-ADF1-D87775D734AC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2AE6D44D-2C51-45F6-909C-2DF69BC6D407}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3F1E3B75-9C84-43F7-BF0D-36410414C927}" = rport=445 | protocol=6 | dir=out | app=system |
"{4DA6DB71-B8A0-4960-ADC3-DF9455C999BC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{4E2A890F-5CD1-4A04-825C-2627F6EF7563}" = lport=445 | protocol=6 | dir=in | app=system |
"{64ACE2FD-80A6-49B2-954E-5AB7C731BF83}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{65D95DB5-2982-477E-95A2-DB0D44021291}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{664CA157-9FFA-462F-8451-8180182FF4FC}" = lport=139 | protocol=6 | dir=in | app=system |
"{714EC8CE-E0B3-4B7C-AB95-D34A4A0A7F48}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{71802707-5246-4ACF-B090-0C54C072698D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7B76487E-1F12-4B27-BADB-96E0B23E9F94}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{81D8896F-B7FB-401B-AB49-D6C34E1DF424}" = rport=138 | protocol=17 | dir=out | app=system |
"{949C43C6-86AE-4D04-BC87-BCDD628554D7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9853CB8D-B913-446B-8C9C-D5D5D510D77E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9A50DB3A-A735-4C12-804D-BE929B47B4CC}" = lport=138 | protocol=17 | dir=in | app=system |
"{A076FC9F-F6A9-4EF6-84B6-A500CB05A3CF}" = rport=139 | protocol=6 | dir=out | app=system |
"{A6E77B8C-7A8F-45E0-BFD1-293FCA68395D}" = rport=137 | protocol=17 | dir=out | app=system |
"{A947D436-67EE-4CB6-AFE9-A1C67B032CD4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA40566E-C35D-4A46-B7CA-D09B603A93CD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AFCDCFA6-69E3-42AE-8B0E-47339CFC8850}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DCFCC48C-17FC-43FF-9411-1B718218B464}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE20E426-C2FE-4CCE-8F4E-5762D2BA8118}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EAA2BC50-6524-40B7-A1D0-D4D159CA17EF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F4576DA9-F538-4948-9FFA-85A16087A5EF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F6988359-C0A1-40C7-926D-E3A246062421}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06F59826-5505-4BFD-9CFA-FA8D44EEEB5D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0A914883-71F1-4BCA-BFD9-EFFD35A2D291}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1494138B-B82E-45F2-B213-605F5A9B2044}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{214B67BC-2996-44CF-8BA3-C7242C6F7473}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{2245C59D-59E5-4928-98D2-002D448BB957}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{27D900D5-8479-4502-9228-16BD9EF956C3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{379EC087-C193-498A-A3FA-4A4D8ED94996}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{385455FE-E75A-418B-877D-42C744BB25F2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C00C49E-A208-424C-9BFA-0AC5A1A9A9DB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{471FBB37-A94D-4278-AD12-8CE1A4CAEF97}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4BA6D594-AA79-4DD0-B6F1-06A31ACFEF01}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{57296F57-C11C-4472-8971-48776D8A8B41}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{57A9A13E-E546-4FCA-919B-00A0ED21E578}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{5E891BE7-E2F0-49D1-8A01-21EC1116FEF1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7AED70AF-C62C-46F3-866B-78FD71BF0D34}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{8CE51898-DE1F-4510-92E2-3D6D469BEC14}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8EC317C0-97AA-4731-960D-954FFC708CED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{954C0A9F-0AD6-4941-BA90-D23D22DC6943}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe |
"{9A20B27D-0060-4AC5-82DA-0AA223F2B624}" = protocol=6 | dir=out | app=system |
"{9A75C963-650E-4D9D-B2A2-51ABD4DEA39F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9B48627D-630A-4C5A-BA74-66106FA766A8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AAAECB7D-7F01-4C07-85D3-BB1F1EEAA256}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{AB11E8A6-9113-4D23-B971-D9D943B4DD58}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ADDD7413-9F56-4CF9-B7A4-F59EFD547E8E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C5AD1DC8-B2C5-4715-A481-7DD7C93BADEF}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{CDDA98CA-628D-494D-8007-A3134278C164}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CE9B1D74-9B54-4EC3-8456-533635CBD99A}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
"{D4EB9290-2165-4535-AB9D-9FE0614163BA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FD2B52F8-C8EB-44B6-A819-CC8A17621C4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{7469BE78-0FC7-46D3-9BF1-C79D85842FF0}C:\program files (x86)\phonostar-player\phonostar.exe" = protocol=6 | dir=in | app=c:\program files (x86)\phonostar-player\phonostar.exe |
"TCP Query User{C4B8FA26-B048-4F02-974A-F9AF5C5088DE}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{CDD4F8B4-9835-4C2C-8D2B-BAE330879FC5}C:\program files (x86)\phonostar-player\phonostar.exe" = protocol=17 | dir=in | app=c:\program files (x86)\phonostar-player\phonostar.exe |
"UDP Query User{D89F751F-B29F-48BE-9B1D-AF432B35A697}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery MergeModules x64
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP990_series" = Canon MP990 series MP Drivers
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{1C6B6716-84AC-412A-A296-247D41EBB7FB}" = Setup_msm_VCMS_x64
"{26A24AE4-039D-4CA4-87B4-2F86416018FF}" = Java(TM) 6 Update 18 (64-bit)
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VMp MergeModule x64
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{7BF099BD-10EE-4B04-A195-CAE2742C943E}" = Setup_VEP_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{C69A835B-67A5-4542-AD24-FE36E3140BA9}" = Setup_msm_VOFS_x64
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3366905E6EFF86120E12E2DB3F8F2EDC3B7F5003" = Windows-Treiberpaket - Broadcom HIDClass (09/11/2009 6.3.0.1500)
"4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"C3D0C7A1290AAA6A45D0D0422262CE3370E27BE5" = Windows-Treiberpaket - Broadcom Corporation (BTHUSB) Bluetooth (02/12/2010 6.3.0.3820)
"CCleaner" = CCleaner
"D9022850BCF278EAFBF9EDC8741DC09A1AE20B6B" = Windows-Treiberpaket - Broadcom Corporation (BTHUSB) Bluetooth (02/28/2010 6.3.0.3850)
"Defraggler" = Defraggler
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{0489D044-6386-4BDF-9F98-577D60CF79DD}" = VAIO Entertainment Platform
"{06C05B90-2127-4933-8ABA-61833BDE13FA}" = Einstellungen für VAIO-Inhaltsüberwachung
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1D10C273-3F95-42A2-8371-AB6B1F59821B}" = WOT for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2BDD5DFD-9F1F-4754-8BEB-A780D49E8C73}" = Sony Home Network Library
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A221E47-E361-45C3-886A-7B2D7AD0E5AA}" = SOHLib Merge Module
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update 5
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{641DD10E-47E0-4A1D-B858-EF507F948C50}" = VAIO Hardware Diagnostics
"{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote-Tastatur mit PlayStation 3
"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D423AE8-0E7D-4703-8EF7-500C5D36FD7F}" = Sony Home Network Library
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{95140000-0080-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98F2FA0E-923A-48C2-8EC7-62BD97E38FC0}" = VAIO Data Restore Tool
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A6B90666-2A1F-49E8-A40E-27EAAD11C096}" = Sony Home Network Library
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AB270FA2-DF21-4C3A-99DB-3300802089AE}" = Garmin City Navigator Europe (Unicode) NT 2012.40 Update
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{C416CBB4-00BA-4E78-878A-590C5FD4A7A1}" = VAIO Media plus
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C8A09003-7FAB-4D48-99DD-DC2A734EC9FA}" = Remote Play with PlayStation 3
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}" = ArcSoft PhotoStudio 6
"{EFBA1469-E0DA-4825-96AB-12B2988E9A28}" = Media Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ahnenblatt_is1" = Ahnenblatt 2.70
"Avira AntiVir Desktop" = Avira Antivirus Premium 2012
"Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
"Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
"Canon MP990 series Benutzerregistrierung" = Canon MP990 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"Nokia Suite" = Nokia Suite
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.02.4
"Picasa 3" = Picasa 3
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 25.05.2012 08:09:28 | Computer Name = ****-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.05.2012 08:10:11 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.05.2012 08:38:29 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.05.2012 12:57:45 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.05.2012 14:37:33 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\phonostar-player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 28.05.2012 14:58:37 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\phonostar-player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.05.2012 02:51:49 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.05.2012 02:52:54 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.05.2012 03:35:57 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.05.2012 06:42:32 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
[ Media Center Events ]
Error - 04.04.2012 11:05:44 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 17:05:43 - Fehler beim Herstellen der Internetverbindung. 17:05:44
- Serververbindung konnte nicht hergestellt werden..
Error - 04.04.2012 11:06:36 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 17:05:52 - Fehler beim Herstellen der Internetverbindung. 17:05:52
- Serververbindung konnte nicht hergestellt werden..
Error - 08.04.2012 14:04:17 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 20:04:17 - Fehler beim Herstellen der Internetverbindung. 20:04:17
- Serververbindung konnte nicht hergestellt werden..
Error - 08.04.2012 14:04:26 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 20:04:23 - Fehler beim Herstellen der Internetverbindung. 20:04:23
- Serververbindung konnte nicht hergestellt werden..
Error - 16.04.2012 12:25:15 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 18:25:15 - Fehler beim Herstellen der Internetverbindung. 18:25:15
- Serververbindung konnte nicht hergestellt werden..
Error - 16.04.2012 12:25:27 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 18:25:20 - Fehler beim Herstellen der Internetverbindung. 18:25:20
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 23.05.2012 08:07:44 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:08:06 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:04 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:04 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:04 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:05 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:05 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:25 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:25 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:51 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
< End of report >
OTL Logfile: Code:
ATTFilter OTL logfile created on: 04.06.2012 11:05:39 - Run 2 OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\***\Desktop\Sicherheit 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,98 Gb Total Physical Memory | 3,66 Gb Available Physical Memory | 61,21% Memory free 11,96 Gb Paging File | 9,14 Gb Available in Paging File | 76,40% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455,40 Gb Total Space | 363,76 Gb Free Space | 79,88% Space Free | Partition Type: NTFS Drive E: | 1862,98 Gb Total Space | 1073,37 Gb Free Space | 57,62% Space Free | Partition Type: NTFS Computer Name: NUTZER-VAIO | User Name: Nutzer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\Sicherheit\OTL.exe (OldTimer Tools) PRC - C:\Users\***\Desktop\Defogger.exe () PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Personalization Manager\VpmIfPav.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Modules (No Company Name) ========== MOD - C:\Users\***\Desktop\Defogger.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\WOT\WOT.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Programme\Sony\VAIO Personalization Manager\sqlite3.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation) SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions) SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) Intel(R) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (FLxHCIc) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic) DRV:64bit: - (FLxHCIh) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc) DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc) DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\drivers\ViaHub3.sys (VIA Technologies, Inc.) DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\drivers\xhcdrv.sys (VIA Technologies, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.) DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (udfs) -- C:\Windows\SysNative\drivers\udfs.sys (Microsoft Corporation) DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\drivers\SiWinAcc.sys (Silicon Image, Inc.) DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\drivers\SiRemFil.sys (Silicon Image, Inc.) DRV:64bit: - (Si3124r5) -- C:\Windows\SysNative\drivers\Si3124r5.sys (Silicon Image, Inc) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (adp3132) -- C:\Windows\SysNative\drivers\adp3132.sys (Adaptec, Inc.) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (crcdisk) -- C:\Windows\SysNative\drivers\crcdisk.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation) DRV:64bit: - (cdfs) -- C:\Windows\SysNative\drivers\cdfs.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV:64bit: - (ahcix64s) -- C:\Windows\SysNative\drivers\ahcix64s.sys (AMD Technologies Inc.) DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Nachrichten - Service - Shopping bei t-online.de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome IE - HKCU\..\SearchScopes,DefaultScope = {42CE7C5F-7C13-4FD9-B9C8-88D546DBF375} IE - HKCU\..\SearchScopes\{3C78909D-0F98-44DF-ACF6-2B7C0EB5A9F4}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices IE - HKCU\..\SearchScopes\{42CE7C5F-7C13-4FD9-B9C8-88D546DBF375}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\..\SearchScopes\{49B85D9D-FDB7-4DE6-9CF6-1E120E8BC3C1}: "URL" = Shopping.com Deutschland - der große Produkt- und Preisvergleich IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcearchTerms}&rf=sonyslices IE - HKCU\..\SearchScopes\{A163B09D-95EF-49A3-B7F5-06160AA4EA60}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( ) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.02.28 15:05:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.02.28 15:06:01 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll () O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll () O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll () O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation) O4 - HKCU..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe (Sony Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50023FD4-732F-43D8-B217-5AC91BB2A015}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wot - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll () O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.06.04 10:45:26 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe [2012.06.04 10:44:46 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe [2012.06.03 02:25:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.06.02 11:33:28 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\2012_06_02 [2012.06.01 09:17:25 | 000,000,000 | R-SD | C] -- C:\Users\***\Documents\My Stationery [2012.05.20 18:06:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Roxio [2012.05.20 18:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio [2012.05.20 18:02:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Roxio Log Files [2012.05.20 09:43:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\TAGESGELD [2012.05.17 15:42:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache [2012.05.17 13:39:50 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\***\HiJackThis204.exe [2012.05.14 09:29:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Corel [2012.05.14 09:29:31 | 000,000,000 | ---D | C] -- C:\Users\***\Corel [2012.05.10 22:58:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender [2012.05.10 12:44:14 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.05.09 18:57:01 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012.05.09 18:56:59 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.05.09 18:56:57 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.05.09 18:56:57 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.05.08 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\WDCSAM [2012.05.08 14:16:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Avira [2012.05.08 14:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.05.08 14:14:53 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.05.08 14:14:53 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.05.08 14:14:53 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.05.08 14:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.05.08 14:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.05.05 17:26:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Eraser 6 [2012.05.05 16:03:09 | 008,769,696 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2 C:\Users\***\AppData\Local\*.tmp files -> C:\Users\***\AppData\Local\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.04 11:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.04 10:45:26 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe [2012.06.04 10:44:46 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe [2012.06.04 10:43:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.06.04 10:26:18 | 000,397,310 | ---- | M] () -- C:\test.xml [2012.06.04 09:44:46 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable [2012.06.04 09:41:09 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe [2012.06.04 09:24:17 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.04 09:24:17 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.04 09:20:05 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.06.04 09:16:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.04 09:16:31 | 522,760,191 | -HS- | M] () -- C:\hiberfil.sys [2012.06.03 14:50:28 | 000,015,629 | ---- | M] () -- C:\Users\***\prüfung15 [2012.06.02 15:35:06 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.02 15:35:06 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.02 15:35:06 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.02 15:35:06 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.02 15:35:06 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.02 15:21:32 | 000,000,448 | ---- | M] () -- C:\Users\Public\Documents\cc_20120602_152128.reg [2012.06.02 15:10:31 | 000,015,504 | ---- | M] () -- C:\Users\***\prüfung [2012.06.01 19:46:41 | 000,000,958 | ---- | M] () -- C:\Windows\wiso.ini [2012.05.31 21:39:44 | 000,038,465 | ---- | M] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2012.05.31 15:34:23 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2012.05.21 23:33:45 | 000,177,103 | ---- | M] () -- C:\Users\Public\Documents\Messetickets-Rg.12-0001091716_bfc8fbcb5be0ace39311b33c0584809a.pdf [2012.05.21 23:28:44 | 000,671,330 | ---- | M] () -- C:\Users\***\Documents\Messetickets ges_12-0001091716_6b50461e19a4707da5ff7c5f4153da5e.pdf [2012.05.21 09:22:08 | 000,000,448 | ---- | M] () -- C:\Users\Public\Documents\cc_20120521_092203.reg [2012.05.20 17:36:34 | 019,840,742 | ---- | M] () -- C:\Users\***\Documents\Dual Golden 1 # Bedienungsanleitung.pdf [2012.05.17 13:43:29 | 000,015,087 | ---- | M] () -- C:\Users\Public\Documents\prüfung [2012.05.17 13:39:59 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\***\HiJackThis204.exe [2012.05.14 15:30:57 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.05.14 15:30:57 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.05.11 00:41:36 | 000,013,540 | ---- | M] () -- C:\Users\Public\Documents\cc_20120511_004131.reg [2012.05.10 09:01:04 | 000,391,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.05.08 17:00:19 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2012.05.08 14:13:05 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.05.06 22:50:27 | 000,000,858 | ---- | M] () -- C:\Users\Public\Documents\cc_20120506_225022.reg [2012.05.05 16:03:34 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.05.05 16:03:34 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.05.05 16:03:16 | 008,769,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2 C:\Users\***\AppData\Local\*.tmp files -> C:\Users\***\AppData\Local\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.04 10:26:18 | 000,397,310 | ---- | C] () -- C:\test.xml [2012.06.04 09:44:46 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable [2012.06.04 09:41:09 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe [2012.06.03 14:50:28 | 000,015,629 | ---- | C] () -- C:\Users\***\prüfung15 [2012.06.02 15:21:30 | 000,000,448 | ---- | C] () -- C:\Users\Public\Documents\cc_20120602_152128.reg [2012.06.02 15:10:31 | 000,015,504 | ---- | C] () -- C:\Users\***\prüfung [2012.05.31 21:39:44 | 000,038,465 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2012.05.21 23:33:45 | 000,177,103 | ---- | C] () -- C:\Users\Public\Documents\Messetickets-Rg.12-0001091716_bfc8fbcb5be0ace39311b33c0584809a.pdf [2012.05.21 23:28:36 | 000,671,330 | ---- | C] () -- C:\Users\***\Documents\Messetickets ges_12-0001091716_6b50461e19a4707da5ff7c5f4153da5e.pdf [2012.05.21 09:22:04 | 000,000,448 | ---- | C] () -- C:\Users\Public\Documents\cc_20120521_092203.reg [2012.05.20 17:36:26 | 019,840,742 | ---- | C] () -- C:\Users\***\Documents\Dual Golden 1 # Bedienungsanleitung.pdf [2012.05.17 13:43:29 | 000,015,087 | ---- | C] () -- C:\Users\Public\Documents\prüfung [2012.05.14 09:29:43 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2012.05.11 00:41:33 | 000,013,540 | ---- | C] () -- C:\Users\Public\Documents\cc_20120511_004131.reg [2012.05.06 22:50:25 | 000,000,858 | ---- | C] () -- C:\Users\Public\Documents\cc_20120506_225022.reg [2012.04.09 09:59:11 | 000,006,144 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.20 17:29:52 | 000,000,958 | ---- | C] () -- C:\Windows\wiso.ini [2012.02.20 08:47:41 | 000,059,232 | ---- | C] () -- C:\Windows\SysWow64\CNC990W.DAT [2012.02.14 17:21:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.02.14 17:21:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.02.14 17:21:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.02.14 17:21:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.02.14 17:21:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.02.14 16:24:09 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.02.10 11:24:10 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll [2012.02.10 11:19:06 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml ========== Files - Unicode (All) ========== [2012.02.18 19:46:24 | 000,004,709 | ---- | C] ()(C:\Users\***\Documents\?????????.odt) -- C:\Users\***\Documents\КЕЛБМІНЦІ.odt [2010.12.17 14:33:56 | 000,004,709 | ---- | M] ()(C:\Users\***\Documents\?????????.odt) -- C:\Users\***\Documents\КЕЛБМІНЦІ.odt < End of report > Dieser Post enthält die Malwarebytes Logdateien. Zitat:
Zitat:
Zitat:
Zitat:
Zitat:
Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-04 20:44:22
-----------------------------
20:44:22.609 OS Version: Windows x64 6.1.7601 Service Pack 1
20:44:22.609 Number of processors: 8 586 0x1E05
20:44:22.609 ComputerName: ***-VAIO UserName: ***
20:44:25.276 Initialize success
20:44:28.864 AVAST engine defs: 12060400
20:44:45.213 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:44:45.229 Disk 0 Vendor: ST950042 0002 Size: 476940MB BusType: 3
20:44:45.322 Disk 0 MBR read successfully
20:44:45.322 Disk 0 MBR scan
20:44:45.338 Disk 0 Windows 7 default MBR code
20:44:45.353 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10510 MB offset 2048
20:44:45.369 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 21526528
20:44:45.369 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 466328 MB offset 21731328
20:44:45.385 Disk 0 scanning C:\Windows\system32\drivers
20:44:57.537 Service scanning
20:45:17.022 Modules scanning
20:45:17.037 Disk 0 trace - called modules:
20:45:17.068 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
20:45:17.084 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006293790]
20:45:17.100 3 CLASSPNP.SYS[fffff88001fcf43f] -> nt!IofCallDriver -> [0xfffffa8005c70490]
20:45:17.115 5 ACPI.sys[fffff88000f797a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005c73050]
20:45:17.115 Scan finished successfully
20:45:34.681 Disk 0 MBR has been saved successfully to "C:\Users\***\Documents\PC\MBR.dat"
20:45:34.681 The log file has been saved successfully to "C:\Users\***\Documents\PC\aswMBR1.txt"
|
|
05.06.2012, 08:11
| #7 | |
| /// Malwareteam | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Combofix Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
05.06.2012, 11:34
| #8 |
| | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Hallo Marius, auf Deine Ergebnisinterpretation meiner Combofix Logfile bin ich sehr gespannt. Frage zu Defogger: Gibst Du mir bitte Anweisung, wann und wie ich den Re-enable Button aktivieren soll? Im Anhang findest Du bitte die gezipte Combofix Logdatei. Geändert von Schofseckel (05.06.2012 um 11:53 Uhr) |
|
05.06.2012, 15:01
| #9 |
| /// Malwareteam | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Wenn wir ihn nicht mehr brauchen, wird er entfernt, keine Sorge! Schritt 1: MBAM Downloade Dir bitte Malwarebytes
Schritt 2: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
05.06.2012, 21:28
| #10 | ||
| | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Hallo Marius, der MBAM Scan hat wieder 0 Funde ergeben. Zitat:
Zitat:
|
|
06.06.2012, 06:58
| #11 |
| /// Malwareteam | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Schritt 1: Fix mit adwCleaner
Schritt 2: Onlinescan zur Kontrolle ESET Online Scanner
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
06.06.2012, 16:15
| #12 | |
| | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Guten Abend Marius, hier das Ergebnis von adwCleaner: Zitat:
Keine Bedrohungen gefunden. Geprüfte Dateien: 491.217 Infizierte Dateien: 0 Wiederhergestellte Dateien: 0 Gesamtdauer der Prüfung: 04:32:33 Prüfstatus: Abgeschlossen. Geändert von Schofseckel (06.06.2012 um 16:21 Uhr) |
|
11.06.2012, 06:55
| #13 |
| /// Malwareteam | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Schritt 1: Adobe Flash Player update Dein Flash-Player ist veraltet. Da gerade diese Software gerne von Schädlingen als Sprungbrett ins System genutzt wird, muss sie immer aktuell gehalten werden. Um den Flash Player zu aktualisieren, gehe bitte wie folgt vor:
Schritt 2: Java update Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
Schritt 3: Adobe Shockwave Player update Dein Shockwave-Player ist veraltet. Um den Shockwave Player zu aktualisieren, gehe bitte wie folgt vor:
Schritt 4: Neues OTL-Log zur Kontrolle Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
11.06.2012, 09:42
| #14 |
| | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Guten Morgen Marius, Du hattest hoffentlich ein erholsames Wochenende und bist in eine neue Arbeitswoche gestartet, die optimal für Dich läuft. Die empfohlenen Updates habe ich erfolgreich erledigt. Hier meine OTL Logfiles: OTL Logfile: Code:
ATTFilter OTL logfile created on: 11.06.2012 10:14:58 - Run 3 OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\***\Desktop\Sicherheit 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,98 Gb Total Physical Memory | 3,85 Gb Available Physical Memory | 64,34% Memory free 11,96 Gb Paging File | 9,47 Gb Available in Paging File | 79,17% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455,40 Gb Total Space | 362,27 Gb Free Space | 79,55% Space Free | Partition Type: NTFS Drive E: | 1862,98 Gb Total Space | 1065,93 Gb Free Space | 57,22% Space Free | Partition Type: NTFS Computer Name: ***-VAIO | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\Sicherheit\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\WOT\WOT.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation) SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions) SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) Intel(R) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (FLxHCIc) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic) DRV:64bit: - (FLxHCIh) Fresco Logic xHCI (USB3) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc) DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc) DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\drivers\ViaHub3.sys (VIA Technologies, Inc.) DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\drivers\xhcdrv.sys (VIA Technologies, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.) DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (udfs) -- C:\Windows\SysNative\drivers\udfs.sys (Microsoft Corporation) DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\drivers\SiWinAcc.sys (Silicon Image, Inc.) DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\drivers\SiRemFil.sys (Silicon Image, Inc.) DRV:64bit: - (Si3124r5) -- C:\Windows\SysNative\drivers\Si3124r5.sys (Silicon Image, Inc) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (adp3132) -- C:\Windows\SysNative\drivers\adp3132.sys (Adaptec, Inc.) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (crcdisk) -- C:\Windows\SysNative\drivers\crcdisk.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation) DRV:64bit: - (cdfs) -- C:\Windows\SysNative\drivers\cdfs.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV:64bit: - (ahcix64s) -- C:\Windows\SysNative\drivers\ahcix64s.sys (AMD Technologies Inc.) DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {42CE7C5F-7C13-4FD9-B9C8-88D546DBF375} IE - HKCU\..\SearchScopes\{3C78909D-0F98-44DF-ACF6-2B7C0EB5A9F4}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices IE - HKCU\..\SearchScopes\{42CE7C5F-7C13-4FD9-B9C8-88D546DBF375}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\..\SearchScopes\{49B85D9D-FDB7-4DE6-9CF6-1E120E8BC3C1}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcearchTerms}&rf=sonyslices IE - HKCU\..\SearchScopes\{A163B09D-95EF-49A3-B7F5-06160AA4EA60}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( ) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.02.28 15:05:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.02.28 15:06:01 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.46\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2012.06.05 09:58:19 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll () O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll () O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation) O4 - HKCU..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation) O4 - HKCU..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe (Sony Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50023FD4-732F-43D8-B217-5AC91BB2A015}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wot - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll () O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.06.11 09:58:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.06.11 09:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012.06.11 09:50:24 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.06.11 09:50:24 | 000,227,784 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.06.09 15:37:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\CD-LabelPrint [2012.06.07 22:34:56 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\vlc [2012.06.07 22:34:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2012.06.05 10:04:02 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012.06.05 10:00:21 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2012.06.05 09:46:57 | 004,537,193 | R--- | C] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe [2012.06.04 13:57:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012.06.04 13:57:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip [2012.06.03 02:25:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.06.02 11:33:28 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\2012_06_02 [2012.06.01 09:17:25 | 000,000,000 | R-SD | C] -- C:\Users\***\Documents\My Stationery [2012.05.20 18:06:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Roxio [2012.05.20 18:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio [2012.05.20 18:02:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Roxio Log Files [2012.05.20 09:43:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\TAGESGELD [2012.05.17 15:42:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache [2012.05.14 09:29:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Corel [2012.05.14 09:29:31 | 000,000,000 | ---D | C] -- C:\Users\***\Corel [2 C:\Users\***\AppData\Local\*.tmp files -> C:\Users\***\AppData\Local\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.11 10:09:49 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.11 10:09:49 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.11 10:03:13 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.06.11 10:02:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.11 10:02:08 | 522,760,191 | -HS- | M] () -- C:\hiberfil.sys [2012.06.11 09:50:09 | 000,227,784 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.06.11 09:50:09 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.06.11 09:50:09 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.06.11 09:43:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.06.11 09:42:49 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.11 09:42:49 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.11 09:42:49 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.11 09:42:49 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.11 09:42:49 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.11 08:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.11 08:01:22 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.06.11 08:01:22 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.06.09 15:03:06 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2012.06.07 22:34:46 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.06.06 19:51:01 | 000,005,891 | ---- | M] () -- C:\Users\***\Desktop\NumisDat - Verknüpfung.lnk [2012.06.05 09:58:19 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012.06.05 09:47:16 | 004,537,193 | R--- | M] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe [2012.06.04 10:26:18 | 000,397,310 | ---- | M] () -- C:\test.xml [2012.06.04 09:44:46 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable [2012.06.03 14:50:28 | 000,015,629 | ---- | M] () -- C:\Users\***\prüfung15 [2012.06.02 15:21:32 | 000,000,448 | ---- | M] () -- C:\Users\Public\Documents\cc_20120602_152128.reg [2012.06.02 15:10:31 | 000,015,504 | ---- | M] () -- C:\Users\***\prüfung [2012.06.01 19:46:41 | 000,000,958 | ---- | M] () -- C:\Windows\wiso.ini [2012.05.31 21:39:44 | 000,038,465 | ---- | M] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2012.05.21 23:33:45 | 000,177,103 | ---- | M] () -- C:\Users\Public\Documents\Messetickets-Rg.12-0001091716_bfc8fbcb5be0ace39311b33c0584809a.pdf [2012.05.21 23:28:44 | 000,671,330 | ---- | M] () -- C:\Users\***\Documents\Messetickets ges_12-0001091716_6b50461e19a4707da5ff7c5f4153da5e.pdf [2012.05.21 09:22:08 | 000,000,448 | ---- | M] () -- C:\Users\Public\Documents\cc_20120521_092203.reg [2012.05.20 17:36:34 | 019,840,742 | ---- | M] () -- C:\Users\***\Documents\Dual Golden 1 # Bedienungsanleitung.pdf [2012.05.17 13:43:29 | 000,015,087 | ---- | M] () -- C:\Users\Public\Documents\prüfung [2012.05.14 15:30:57 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.05.14 15:30:57 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2 C:\Users\***\AppData\Local\*.tmp files -> C:\Users\***\AppData\Local\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.07 22:34:46 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.06.06 19:51:01 | 000,005,891 | ---- | C] () -- C:\Users\***\Desktop\NumisDat - Verknüpfung.lnk [2012.06.04 10:26:18 | 000,397,310 | ---- | C] () -- C:\test.xml [2012.06.04 09:44:46 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable [2012.06.03 14:50:28 | 000,015,629 | ---- | C] () -- C:\Users\***\prüfung15 [2012.06.02 15:21:30 | 000,000,448 | ---- | C] () -- C:\Users\Public\Documents\cc_20120602_152128.reg [2012.06.02 15:10:31 | 000,015,504 | ---- | C] () -- C:\Users\***\prüfung [2012.05.31 21:39:44 | 000,038,465 | ---- | C] () -- C:\Users\***\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2012.05.21 23:33:45 | 000,177,103 | ---- | C] () -- C:\Users\Public\Documents\Messetickets-Rg.12-0001091716_bfc8fbcb5be0ace39311b33c0584809a.pdf [2012.05.21 23:28:36 | 000,671,330 | ---- | C] () -- C:\Users\***\Documents\Messetickets ges_12-0001091716_6b50461e19a4707da5ff7c5f4153da5e.pdf [2012.05.21 09:22:04 | 000,000,448 | ---- | C] () -- C:\Users\Public\Documents\cc_20120521_092203.reg [2012.05.20 17:36:26 | 019,840,742 | ---- | C] () -- C:\Users\***\Documents\Dual Golden 1 # Bedienungsanleitung.pdf [2012.05.17 13:43:29 | 000,015,087 | ---- | C] () -- C:\Users\Public\Documents\prüfung [2012.05.14 09:29:43 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2012.04.09 09:59:11 | 000,006,144 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.20 17:29:52 | 000,000,958 | ---- | C] () -- C:\Windows\wiso.ini [2012.02.20 08:47:41 | 000,059,232 | ---- | C] () -- C:\Windows\SysWow64\CNC990W.DAT [2012.02.14 17:21:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.02.14 17:21:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.02.14 17:21:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.02.14 17:21:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.02.14 17:21:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.02.14 16:24:09 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.02.10 11:24:10 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll [2012.02.10 11:19:06 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml ========== Files - Unicode (All) ========== [2012.02.18 19:46:24 | 000,004,709 | ---- | C] ()(C:\Users\***\Documents\?????????.odt) -- C:\Users\***\Documents\КЕЛБМІНЦІ.odt [2010.12.17 14:33:56 | 000,004,709 | ---- | M] ()(C:\Users\***\Documents\?????????.odt) -- C:\Users\***\Documents\КЕЛБМІНЦІ.odt < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 11.06.2012 10:14:58 - Run 3
OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\***\Desktop\Sicherheit
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,98 Gb Total Physical Memory | 3,85 Gb Available Physical Memory | 64,34% Memory free
11,96 Gb Paging File | 9,47 Gb Available in Paging File | 79,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,40 Gb Total Space | 362,27 Gb Free Space | 79,55% Space Free | Partition Type: NTFS
Drive E: | 1862,98 Gb Total Space | 1065,93 Gb Free Space | 57,22% Space Free | Partition Type: NTFS
Computer Name: ***-VAIO | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12B6A568-BEAA-4832-B07D-AE6A15FAF14B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{18DC69F5-A75D-49BD-ADF1-D87775D734AC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2AE6D44D-2C51-45F6-909C-2DF69BC6D407}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3F1E3B75-9C84-43F7-BF0D-36410414C927}" = rport=445 | protocol=6 | dir=out | app=system |
"{4DA6DB71-B8A0-4960-ADC3-DF9455C999BC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{4E2A890F-5CD1-4A04-825C-2627F6EF7563}" = lport=445 | protocol=6 | dir=in | app=system |
"{64ACE2FD-80A6-49B2-954E-5AB7C731BF83}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{65D95DB5-2982-477E-95A2-DB0D44021291}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{664CA157-9FFA-462F-8451-8180182FF4FC}" = lport=139 | protocol=6 | dir=in | app=system |
"{714EC8CE-E0B3-4B7C-AB95-D34A4A0A7F48}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{71802707-5246-4ACF-B090-0C54C072698D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7B76487E-1F12-4B27-BADB-96E0B23E9F94}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{81D8896F-B7FB-401B-AB49-D6C34E1DF424}" = rport=138 | protocol=17 | dir=out | app=system |
"{949C43C6-86AE-4D04-BC87-BCDD628554D7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9853CB8D-B913-446B-8C9C-D5D5D510D77E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9A50DB3A-A735-4C12-804D-BE929B47B4CC}" = lport=138 | protocol=17 | dir=in | app=system |
"{A076FC9F-F6A9-4EF6-84B6-A500CB05A3CF}" = rport=139 | protocol=6 | dir=out | app=system |
"{A6E77B8C-7A8F-45E0-BFD1-293FCA68395D}" = rport=137 | protocol=17 | dir=out | app=system |
"{A947D436-67EE-4CB6-AFE9-A1C67B032CD4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA40566E-C35D-4A46-B7CA-D09B603A93CD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AFCDCFA6-69E3-42AE-8B0E-47339CFC8850}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DCFCC48C-17FC-43FF-9411-1B718218B464}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE20E426-C2FE-4CCE-8F4E-5762D2BA8118}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EAA2BC50-6524-40B7-A1D0-D4D159CA17EF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F4576DA9-F538-4948-9FFA-85A16087A5EF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F6988359-C0A1-40C7-926D-E3A246062421}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06F59826-5505-4BFD-9CFA-FA8D44EEEB5D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0A914883-71F1-4BCA-BFD9-EFFD35A2D291}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1494138B-B82E-45F2-B213-605F5A9B2044}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{214B67BC-2996-44CF-8BA3-C7242C6F7473}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{2245C59D-59E5-4928-98D2-002D448BB957}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{27D900D5-8479-4502-9228-16BD9EF956C3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{379EC087-C193-498A-A3FA-4A4D8ED94996}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{385455FE-E75A-418B-877D-42C744BB25F2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C00C49E-A208-424C-9BFA-0AC5A1A9A9DB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{471FBB37-A94D-4278-AD12-8CE1A4CAEF97}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4BA6D594-AA79-4DD0-B6F1-06A31ACFEF01}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{57296F57-C11C-4472-8971-48776D8A8B41}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{57A9A13E-E546-4FCA-919B-00A0ED21E578}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{5E891BE7-E2F0-49D1-8A01-21EC1116FEF1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7AED70AF-C62C-46F3-866B-78FD71BF0D34}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{8CE51898-DE1F-4510-92E2-3D6D469BEC14}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8EC317C0-97AA-4731-960D-954FFC708CED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{954C0A9F-0AD6-4941-BA90-D23D22DC6943}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe |
"{9A20B27D-0060-4AC5-82DA-0AA223F2B624}" = protocol=6 | dir=out | app=system |
"{9A75C963-650E-4D9D-B2A2-51ABD4DEA39F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9B48627D-630A-4C5A-BA74-66106FA766A8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AAAECB7D-7F01-4C07-85D3-BB1F1EEAA256}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{AB11E8A6-9113-4D23-B971-D9D943B4DD58}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ADDD7413-9F56-4CF9-B7A4-F59EFD547E8E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C5AD1DC8-B2C5-4715-A481-7DD7C93BADEF}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{CDDA98CA-628D-494D-8007-A3134278C164}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CE9B1D74-9B54-4EC3-8456-533635CBD99A}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
"{D4EB9290-2165-4535-AB9D-9FE0614163BA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FD2B52F8-C8EB-44B6-A819-CC8A17621C4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{7469BE78-0FC7-46D3-9BF1-C79D85842FF0}C:\program files (x86)\phonostar-player\phonostar.exe" = protocol=6 | dir=in | app=c:\program files (x86)\phonostar-player\phonostar.exe |
"TCP Query User{C4B8FA26-B048-4F02-974A-F9AF5C5088DE}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{CDD4F8B4-9835-4C2C-8D2B-BAE330879FC5}C:\program files (x86)\phonostar-player\phonostar.exe" = protocol=17 | dir=in | app=c:\program files (x86)\phonostar-player\phonostar.exe |
"UDP Query User{D89F751F-B29F-48BE-9B1D-AF432B35A697}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery MergeModules x64
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP990_series" = Canon MP990 series MP Drivers
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{1C6B6716-84AC-412A-A296-247D41EBB7FB}" = Setup_msm_VCMS_x64
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VMp MergeModule x64
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{7BF099BD-10EE-4B04-A195-CAE2742C943E}" = Setup_VEP_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{C69A835B-67A5-4542-AD24-FE36E3140BA9}" = Setup_msm_VOFS_x64
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3366905E6EFF86120E12E2DB3F8F2EDC3B7F5003" = Windows-Treiberpaket - Broadcom HIDClass (09/11/2009 6.3.0.1500)
"4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)
"C3D0C7A1290AAA6A45D0D0422262CE3370E27BE5" = Windows-Treiberpaket - Broadcom Corporation (BTHUSB) Bluetooth (02/12/2010 6.3.0.3820)
"CCleaner" = CCleaner
"D9022850BCF278EAFBF9EDC8741DC09A1AE20B6B" = Windows-Treiberpaket - Broadcom Corporation (BTHUSB) Bluetooth (02/28/2010 6.3.0.3850)
"Defraggler" = Defraggler
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{0489D044-6386-4BDF-9F98-577D60CF79DD}" = VAIO Entertainment Platform
"{06C05B90-2127-4933-8ABA-61833BDE13FA}" = Einstellungen für VAIO-Inhaltsüberwachung
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1D10C273-3F95-42A2-8371-AB6B1F59821B}" = WOT for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{2BDD5DFD-9F1F-4754-8BEB-A780D49E8C73}" = Sony Home Network Library
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A221E47-E361-45C3-886A-7B2D7AD0E5AA}" = SOHLib Merge Module
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update 5
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{641DD10E-47E0-4A1D-B858-EF507F948C50}" = VAIO Hardware Diagnostics
"{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote-Tastatur mit PlayStation 3
"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D423AE8-0E7D-4703-8EF7-500C5D36FD7F}" = Sony Home Network Library
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{95140000-0080-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98F2FA0E-923A-48C2-8EC7-62BD97E38FC0}" = VAIO Data Restore Tool
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A6B90666-2A1F-49E8-A40E-27EAAD11C096}" = Sony Home Network Library
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AB270FA2-DF21-4C3A-99DB-3300802089AE}" = Garmin City Navigator Europe (Unicode) NT 2012.40 Update
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{C416CBB4-00BA-4E78-878A-590C5FD4A7A1}" = VAIO Media plus
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C8A09003-7FAB-4D48-99DD-DC2A734EC9FA}" = Remote Play with PlayStation 3
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}" = ArcSoft PhotoStudio 6
"{EFBA1469-E0DA-4825-96AB-12B2988E9A28}" = Media Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ahnenblatt_is1" = Ahnenblatt 2.70
"Avira AntiVir Desktop" = Avira Antivirus Premium 2012
"Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
"Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
"Canon MP990 series Benutzerregistrierung" = Canon MP990 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"Nokia Suite" = Nokia Suite
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.02.4
"Picasa 3" = Picasa 3
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"VLC media player" = VLC media player 2.0.1
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 02.06.2012 03:12:07 | Computer Name = ***-VAIO | Source = Windows Search Service | ID = 3058
Description =
Error - 02.06.2012 03:12:07 | Computer Name = ***-VAIO | Source = Windows Search Service | ID = 7010
Description =
Error - 02.06.2012 09:07:41 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 02.06.2012 09:11:39 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 02.06.2012 19:41:31 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 02.06.2012 20:24:25 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 03.06.2012 00:41:32 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 03.06.2012 00:41:50 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\phonostar-Player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 03.06.2012 02:32:56 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 03.06.2012 02:33:56 | Computer Name = ***-VAIO | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\phonostar-player\phonostar.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
[ Media Center Events ]
Error - 04.04.2012 11:05:44 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 17:05:43 - Fehler beim Herstellen der Internetverbindung. 17:05:44
- Serververbindung konnte nicht hergestellt werden..
Error - 04.04.2012 11:06:36 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 17:05:52 - Fehler beim Herstellen der Internetverbindung. 17:05:52
- Serververbindung konnte nicht hergestellt werden..
Error - 08.04.2012 14:04:17 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 20:04:17 - Fehler beim Herstellen der Internetverbindung. 20:04:17
- Serververbindung konnte nicht hergestellt werden..
Error - 08.04.2012 14:04:26 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 20:04:23 - Fehler beim Herstellen der Internetverbindung. 20:04:23
- Serververbindung konnte nicht hergestellt werden..
Error - 16.04.2012 12:25:15 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 18:25:15 - Fehler beim Herstellen der Internetverbindung. 18:25:15
- Serververbindung konnte nicht hergestellt werden..
Error - 16.04.2012 12:25:27 | Computer Name = ***-VAIO | Source = MCUpdate | ID = 0
Description = 18:25:20 - Fehler beim Herstellen der Internetverbindung. 18:25:20
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 23.05.2012 08:40:04 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:04 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:05 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:05 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:25 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:25 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 08:40:51 | Computer Name = ***-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.
Error - 23.05.2012 13:13:39 | Computer Name = ***-VAIO | Source = bowser | ID = 8003
Description =
Error - 23.05.2012 13:45:13 | Computer Name = ***-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 23.05.2012 13:53:40 | Computer Name = ***-VAIO | Source = bowser | ID = 8003
Description =
< End of report >
|
|
11.06.2012, 10:06
| #15 |
| /// Malwareteam | TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr Dann sind wir durch!  Defogger re-enable Starte bitte den Defogger und klicke den re-enable Button ComboFix Bitte vor der folgenden Aktion wieder temporär Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren. Windows-Taste + R drücke. Kopiere nun folgende Zeile in die Kommandozeile und klicke OK. Code:
ATTFilter Combofix /Uninstall
 Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert, damit auch aus dieser die Schädlinge verschwinden. Nun die eben deaktivierten Programme wieder aktivieren. adwCleaner
OTL Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Hier noch ein paar Tipps zur Absicherung deines Systems. Aktualität Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, damit ich diesen Thread aus meinen Abos löschen kann.
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
| Themen zu TR.Crypt.ZPACK.Gen8 Scanner finden nichts mehr |
| anti-malware, antivirus, appdata, avira, datei, dateien, dateisystem, defender, dllhost.exe, document, echtzeitscanner, ergebnis, eset, fehler, fucking, heuristiks/extra, heuristiks/shuriken, infizierte, infizierte dateien, internet, malwarebytes, microsoft, microsoft security, nicht mehr, nt.dll, online, programm, scan, scanner, scanner finden nichts, schwarzer balken, tr/crypt.zpack.gen, trojaner, unerwünschtes programm, verweise, win64, windows |
Linear-Darstellung
