|
Pests of all kinds and how to combat them: tr/atraps.gen2 found and registry changes detected | Windows 7 |
17.06.2012, 23:10 | #1 |
| tr/atraps.gen2 found and registry changes detected One thing up front: I'm a bit panicky right now. As soon as something is wrong with my laptop, I always freak out right away. But I'm trying to pull myself together, because I know that people always get help here. The problem: Since this evening Avira has been going off frequently, that is, I hear the Avira sound. However, no message pops up. Except for earlier, when a message from Avira appeared saying that the trojan "tr/atraps.gen2" had been found. I then had Spybot Search & Destroy run a scan. It found that apparently two registry changes had been made that disable the start of the Microsoft Security Center. In other words: I now don't dare restart my laptop. (Spybot did undo these changes, but I have my doubts that this settles the matter for good...) It would be very nice if someone could try to help me. I actually wanted to go to bed, but now I'm too nervous. |
18.06.2012, 07:45 | #2 |
| tr/atraps.gen2 found and registry changes detected Hi,
then let's hope you still managed to get some sleep... That is probably a rootkit, but I first need to know what kind of system you have... OTL Download OTL by Oldtimer (http://filepony.de/download-otl/) and save it to your desktop
TDSS-Killer Download and instructions at: "How to combat malware of the Rootkit.Win32.TDSS family?" Extract all files into a separate directory (e.g. C:\TDSS)! Launch it from Explorer by double-clicking TDSSKiller.exe. Configure the Killer as follows: Then start the scan (Start Scan). When the scan is finished, please select "Report" (skip any findings with Skip for now). A window opens; copy the text and post it here... chris
__________________ |
18.06.2012, 08:06 | #3 |
| tr/atraps.gen2 found and registry changes detected Yes, thanks, I just dozed off at some point. xD
OTL is running right now. Meanwhile I have a question: Yesterday I also had Malwarebytes run a scan, which found 4 items and put them in quarantine. However, Malwarebytes requires a restart to be able to delete them, and I didn't dare restart yesterday (the laptop was in standby mode overnight). Should I perhaps try that after all before I scan myself silly here? Or leave the findings in quarantine during the scans? EDIT: I have now left the findings in quarantine during the scans, please correct me if that was wrong. OTL: Code:
ATTFilter OTL logfile created on: 18.06.2012 09:01:13 - Run 1 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Nadja\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 56,28% Memory free 11,58 Gb Paging File | 9,55 Gb Available in Paging File | 82,49% Paging File free Paging file location(s): c:\pagefile.sys 7905 7905 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,34 Gb Total Space | 368,02 Gb Free Space | 81,36% Space Free | Partition Type: NTFS Computer Name: NADJA-NOTEBOOK | User Name: Nadja | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Nadja\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\MausII\MausII.exe (www.ALGOMAHE.de) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) 
========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5be773440afa1e1f565f9021d8fd9730\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Program Files (x86)\MausII\MausII.dll () MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll () MOD - C:\Program Files (x86)\WinRAR\rarext.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll () SRV - (MozillaMaintenance) -- 
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) 
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) 
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version) -- C:\Windows\SysNative\drivers\HPub4DE3.sys (TPMX Electronics Ltd.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version) -- C:\Windows\SysNative\drivers\HPMo4DE3.sys (TPMX Electronics Ltd.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) 
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{49617DE8-6AB3-4157-A35F-ED9BC249E64E}: "URL" = 
hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices IE - HKCU\..\SearchScopes\{5FEF25B0-7B10-4E3C-92F5-1CFADE371A77}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363 IE - HKCU\..\SearchScopes\{898E5F44-1F4A-442C-9EAD-15AF6410DA4A}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*;127.0.0.1:9421; ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.1 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..extensions.enabledItems: html5notifications@paxal.net:0.7.2 FF - prefs.js..extensions.enabledItems: selectionlinks@floriangilles.com:0.0.4 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.03.09 20:12:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.03.09 20:12:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 10:59:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.31 23:51:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 10:59:51 | 000,000,000 | 
---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.31 23:51:55 | 000,000,000 | ---D | M] [2010.12.28 18:08:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadja\AppData\Roaming\mozilla\Extensions [2012.05.17 21:43:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions [2012.03.05 21:06:31 | 000,000,000 | ---D | M] (Buyertools) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\{411F2F11-830F-4AB5-B7F0-FBC77B870B5A} [2012.03.30 13:51:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.05.17 21:43:45 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\ich@maltegoetz.de [2011.06.22 01:47:12 | 000,000,000 | ---D | M] (Selection Links) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\selectionlinks@floriangilles.com [2011.11.09 16:05:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.01.06 00:45:21 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.02.26 01:59:24 | 000,046,888 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\HTML5NOTIFICATIONS@PAXAL.NET.XPI [2011.06.22 22:35:26 | 000,024,747 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\LINKY@GEMAL.DK.XPI [2011.12.27 01:58:35 | 000,038,090 | ---- | M] () (No name found) -- 
C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\MULTILINKS@PLUGIN.XPI [2012.04.25 10:59:51 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.04.14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.02.14 15:07:10 | 000,000,960 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com O1 - Hosts: 127.0.0.1 alcohol-soft.com O1 - Hosts: 127.0.0.1 images.alcohol-soft.com O1 - Hosts: 127.0.0.1 mermaidconsulting.dk O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) 
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKCU..\Run: [MausII - algomahe.de] C:\Program Files (x86)\MausII\MausII.exe (www.ALGOMAHE.de) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. 
(Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 172.16.16.19 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) 
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun_setup.bat O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.06.18 08:59:18 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Nadja\Desktop\OTL.exe [2012.06.17 23:46:47 | 000,000,000 | ---D | C] -- C:\Users\Nadja\AppData\Roaming\Malwarebytes [2012.06.17 23:46:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.06.17 23:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.06.17 23:46:40 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.17 23:46:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.06.16 08:47:28 | 000,000,000 | ---D | C] -- C:\Users\Nadja\AppData\Local\Macromedia [2012.05.19 23:32:50 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\SysWow64\QtCore4.dll [2011.01.04 13:28:27 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mspaint.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== File not found -- C:\Windows\SysNative\ 
[2012.06.18 08:59:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Nadja\Desktop\OTL.exe [2012.06.18 08:44:53 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.18 08:44:53 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.18 08:29:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.17 23:46:42 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.17 23:20:22 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.06.17 10:13:18 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.17 10:13:18 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.17 10:13:18 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.17 10:13:18 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.17 10:13:18 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.17 09:57:47 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2012.06.16 23:57:26 | 000,001,205 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk [2012.06.16 08:19:41 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.06.16 08:19:41 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.06.08 10:50:03 | 000,000,805 | ---- | M] () -- C:\Windows\ULEAD32.INI [2012.05.19 23:32:50 | 000,002,232 | ---- | M] () -- C:\Users\Nadja\Desktop\Free Audio Converter.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== File not found -- C:\Windows\SysNative\ [2012.06.18 02:49:16 | 000,022,016 | ---- | C] () -- 
C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\800000cb.@ [2012.06.18 01:19:40 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\80000000.@ [2012.06.18 01:19:40 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\00000001.@ [2012.06.17 23:46:42 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.05.19 23:32:50 | 000,002,232 | ---- | C] () -- C:\Users\Nadja\Desktop\Free Audio Converter.lnk [2012.04.07 14:23:03 | 000,004,439 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\CamStudio.cfg [2012.04.07 14:23:03 | 000,000,115 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\Camdata.ini [2012.04.07 14:23:02 | 000,000,408 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\CamShapes.ini [2012.04.07 14:23:02 | 000,000,408 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\CamLayout.ini [2012.03.16 00:56:16 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2012.03.14 00:51:42 | 000,000,149 | ---- | C] () -- C:\Windows\MausII-Cfg.INI [2012.01.11 21:48:05 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll [2012.01.11 10:54:40 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\@ [2012.01.11 10:54:40 | 000,002,048 | -HS- | C] () -- C:\Users\Nadja\AppData\Local\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\@ [2011.11.16 09:52:10 | 000,001,890 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011.11.16 09:52:10 | 000,000,088 | RHS- | C] () -- C:\ProgramData\B63FEA3E66.sys [2011.05.29 10:11:59 | 000,714,526 | ---- | C] () -- C:\Windows\unins000.exe [2011.05.29 10:11:59 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2011.05.29 10:11:59 | 000,001,996 | ---- | C] () -- C:\Windows\unins000.dat [2011.05.29 00:20:22 | 000,001,474 | ---- | C] () -- C:\Users\Nadja\AppData\Local\RecConfig.xml [2011.05.28 11:07:37 | 000,005,632 | ---- | C] () -- 
C:\Users\Nadja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.27 22:57:59 | 001,591,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.03.21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.03.11 10:32:30 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011.03.11 10:32:30 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2011.02.26 23:21:18 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2011.02.26 23:20:56 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011.02.22 20:33:33 | 000,000,805 | ---- | C] () -- C:\Windows\ULEAD32.INI [2011.02.14 14:03:25 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2011.02.01 16:37:40 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll [2011.01.29 18:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011.01.29 18:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011.01.29 18:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011.01.29 18:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011.01.24 05:57:11 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010.12.31 01:51:07 | 000,017,408 | ---- | C] () -- C:\Users\Nadja\AppData\Local\WebpageIcons.db [2010.12.29 01:12:59 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010.12.29 01:12:56 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2010.12.29 01:12:56 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010.12.29 01:12:56 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010.12.29 01:12:55 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010.12.29 00:59:53 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2010.10.08 08:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.07.13 00:11:37 | 000,000,000 | ---- | C] () -- 
C:\Windows\ativpsrm.bin [2010.07.12 22:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010.07.12 22:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010.07.12 22:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010.07.12 22:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010.07.12 22:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010.07.12 22:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat [2010.07.12 22:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:AFF2E49F2F588B4A < End of report >
OTL Extras:
Code:
OTL logfile created on: 18.06.2012 09:01:13 - Run 1 OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Nadja\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 56,28% Memory free 11,58 Gb Paging File | 9,55 Gb Available in Paging File | 82,49% Paging File free Paging file location(s): c:\pagefile.sys 7905 7905 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,34 Gb Total Space | 368,02 Gb Free Space | 81,36% Space Free | Partition Type: NTFS Computer Name: NADJA-NOTEBOOK | User Name: Nadja | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Nadja\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co.
KG) PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\MausII\MausII.exe (www.ALGOMAHE.de) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) 
========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5be773440afa1e1f565f9021d8fd9730\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Program Files (x86)\MausII\MausII.dll () MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll () MOD - C:\Program Files (x86)\WinRAR\rarext.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll () SRV - (MozillaMaintenance) -- 
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) 
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) 
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version) -- C:\Windows\SysNative\drivers\HPub4DE3.sys (TPMX Electronics Ltd.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version) -- C:\Windows\SysNative\drivers\HPMo4DE3.sys (TPMX Electronics Ltd.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) 
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{49617DE8-6AB3-4157-A35F-ED9BC249E64E}: "URL" = 
hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices IE - HKCU\..\SearchScopes\{5FEF25B0-7B10-4E3C-92F5-1CFADE371A77}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363 IE - HKCU\..\SearchScopes\{898E5F44-1F4A-442C-9EAD-15AF6410DA4A}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*;127.0.0.1:9421; ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.1 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25 FF - prefs.js..extensions.enabledItems: html5notifications@paxal.net:0.7.2 FF - prefs.js..extensions.enabledItems: selectionlinks@floriangilles.com:0.0.4 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.03.09 20:12:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.03.09 20:12:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 10:59:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.31 23:51:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 10:59:51 | 000,000,000 | 
---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.31 23:51:55 | 000,000,000 | ---D | M] [2010.12.28 18:08:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadja\AppData\Roaming\mozilla\Extensions [2012.05.17 21:43:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions [2012.03.05 21:06:31 | 000,000,000 | ---D | M] (Buyertools) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\{411F2F11-830F-4AB5-B7F0-FBC77B870B5A} [2012.03.30 13:51:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.05.17 21:43:45 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\ich@maltegoetz.de [2011.06.22 01:47:12 | 000,000,000 | ---D | M] (Selection Links) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\selectionlinks@floriangilles.com [2011.11.09 16:05:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.01.06 00:45:21 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.02.26 01:59:24 | 000,046,888 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\HTML5NOTIFICATIONS@PAXAL.NET.XPI [2011.06.22 22:35:26 | 000,024,747 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\LINKY@GEMAL.DK.XPI [2011.12.27 01:58:35 | 000,038,090 | ---- | M] () (No name found) -- 
C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\MULTILINKS@PLUGIN.XPI [2012.04.25 10:59:51 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.04.14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.02.14 15:07:10 | 000,000,960 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com O1 - Hosts: 127.0.0.1 alcohol-soft.com O1 - Hosts: 127.0.0.1 images.alcohol-soft.com O1 - Hosts: 127.0.0.1 mermaidconsulting.dk O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) 
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKCU..\Run: [MausII - algomahe.de] C:\Program Files (x86)\MausII\MausII.exe (www.ALGOMAHE.de) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Google Sidewiki... 
Edited by Sabishii (18.06.2012 at 08:28) |
18.06.2012, 08:27 | #4 |
| tr/atraps.gen2 found and registry changes detected TDSS-Killer: Code:
(e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 09:14:15.0990 7076 MMCSS - ok 09:14:16.0021 7076 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 09:14:16.0021 7076 Modem - ok 09:14:16.0052 7076 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 09:14:16.0052 7076 monitor - ok 09:14:16.0084 7076 motmodem - ok 09:14:16.0130 7076 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 09:14:16.0130 7076 mouclass - ok 09:14:16.0177 7076 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 09:14:16.0177 7076 mouhid - ok 09:14:16.0224 7076 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 09:14:16.0240 7076 mountmgr - ok 09:14:16.0318 7076 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 09:14:16.0333 7076 MozillaMaintenance - ok 09:14:16.0364 7076 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 09:14:16.0380 7076 mpio - ok 09:14:16.0427 7076 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 09:14:16.0442 7076 mpsdrv - ok 09:14:16.0489 7076 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 09:14:16.0489 7076 MRxDAV - ok 09:14:16.0536 7076 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 09:14:16.0552 7076 mrxsmb - ok 09:14:16.0598 7076 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:14:16.0614 7076 mrxsmb10 - ok 09:14:16.0661 7076 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:14:16.0661 7076 mrxsmb20 - ok 09:14:16.0708 7076 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 09:14:16.0708 7076 msahci - ok 09:14:16.0754 7076 msdsm (db801a638d011b9633829eb6f663c900) 
C:\Windows\system32\drivers\msdsm.sys 09:14:16.0754 7076 msdsm - ok 09:14:16.0801 7076 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 09:14:16.0817 7076 MSDTC - ok 09:14:16.0864 7076 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 09:14:16.0864 7076 Msfs - ok 09:14:16.0895 7076 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 09:14:16.0895 7076 mshidkmdf - ok 09:14:16.0942 7076 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 09:14:16.0942 7076 msisadrv - ok 09:14:16.0973 7076 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 09:14:16.0973 7076 MSiSCSI - ok 09:14:16.0988 7076 msiserver - ok 09:14:17.0020 7076 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 09:14:17.0020 7076 MSKSSRV - ok 09:14:17.0035 7076 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 09:14:17.0035 7076 MSPCLOCK - ok 09:14:17.0051 7076 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 09:14:17.0051 7076 MSPQM - ok 09:14:17.0113 7076 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 09:14:17.0129 7076 MsRPC - ok 09:14:17.0160 7076 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 09:14:17.0160 7076 mssmbios - ok 09:14:17.0176 7076 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 09:14:17.0176 7076 MSTEE - ok 09:14:17.0207 7076 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 09:14:17.0207 7076 MTConfig - ok 09:14:17.0222 7076 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 09:14:17.0222 7076 Mup - ok 09:14:17.0300 7076 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 09:14:17.0300 7076 napagent - ok 09:14:17.0378 7076 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) 
C:\Windows\system32\DRIVERS\nwifi.sys 09:14:17.0394 7076 NativeWifiP - ok 09:14:17.0519 7076 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 09:14:17.0534 7076 NDIS - ok 09:14:17.0566 7076 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 09:14:17.0566 7076 NdisCap - ok 09:14:17.0597 7076 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 09:14:17.0597 7076 NdisTapi - ok 09:14:17.0644 7076 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 09:14:17.0644 7076 Ndisuio - ok 09:14:17.0675 7076 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 09:14:17.0675 7076 NdisWan - ok 09:14:17.0722 7076 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 09:14:17.0722 7076 NDProxy - ok 09:14:17.0753 7076 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 09:14:17.0753 7076 NetBIOS - ok 09:14:17.0815 7076 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 09:14:17.0831 7076 NetBT - ok 09:14:17.0878 7076 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 09:14:17.0878 7076 Netlogon - ok 09:14:17.0940 7076 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 09:14:17.0940 7076 Netman - ok 09:14:18.0065 7076 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:14:18.0065 7076 NetMsmqActivator - ok 09:14:18.0065 7076 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:14:18.0080 7076 NetPipeActivator - ok 09:14:18.0143 7076 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 09:14:18.0158 7076 netprofm - ok 09:14:18.0190 7076 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 
09:14:18.0190 7076 NetTcpActivator - ok 09:14:18.0190 7076 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:14:18.0190 7076 NetTcpPortSharing - ok 09:14:18.0268 7076 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 09:14:18.0268 7076 nfrd960 - ok 09:14:18.0346 7076 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 09:14:18.0361 7076 NlaSvc - ok 09:14:18.0517 7076 NMIndexingService (a328a46d87bb92ce4d8a4528e9d84787) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe 09:14:18.0517 7076 NMIndexingService - ok 09:14:18.0548 7076 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 09:14:18.0564 7076 Npfs - ok 09:14:18.0595 7076 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 09:14:18.0595 7076 nsi - ok 09:14:18.0611 7076 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 09:14:18.0611 7076 nsiproxy - ok 09:14:18.0782 7076 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 09:14:18.0814 7076 Ntfs - ok 09:14:18.0954 7076 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 09:14:18.0954 7076 Null - ok 09:14:19.0001 7076 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 09:14:19.0016 7076 nvraid - ok 09:14:19.0063 7076 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 09:14:19.0063 7076 nvstor - ok 09:14:19.0094 7076 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 09:14:19.0110 7076 nv_agp - ok 09:14:19.0141 7076 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 09:14:19.0141 7076 ohci1394 - ok 09:14:19.0219 7076 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:14:19.0235 7076 ose - ok 09:14:19.0282 7076 
p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 09:14:19.0282 7076 p2pimsvc - ok 09:14:19.0344 7076 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 09:14:19.0360 7076 p2psvc - ok 09:14:19.0391 7076 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 09:14:19.0391 7076 Parport - ok 09:14:19.0438 7076 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 09:14:19.0438 7076 partmgr - ok 09:14:19.0484 7076 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 09:14:19.0500 7076 PcaSvc - ok 09:14:19.0547 7076 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 09:14:19.0547 7076 pci - ok 09:14:19.0609 7076 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 09:14:19.0609 7076 pciide - ok 09:14:19.0640 7076 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 09:14:19.0656 7076 pcmcia - ok 09:14:19.0687 7076 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 09:14:19.0703 7076 pcw - ok 09:14:19.0781 7076 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 09:14:19.0796 7076 PEAUTH - ok 09:14:19.0906 7076 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 09:14:19.0906 7076 PerfHost - ok 09:14:20.0140 7076 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 09:14:20.0171 7076 pla - ok 09:14:20.0249 7076 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 09:14:20.0264 7076 PlugPlay - ok 09:14:20.0405 7076 PMBDeviceInfoProvider (80e85394d8cd7f84340b1c6f4b9d698f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 09:14:20.0405 7076 PMBDeviceInfoProvider - ok 09:14:20.0436 7076 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 09:14:20.0436 7076 PNRPAutoReg - ok 09:14:20.0467 7076 PNRPsvc 
(3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 09:14:20.0467 7076 PNRPsvc - ok 09:14:20.0545 7076 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 09:14:20.0545 7076 PolicyAgent - ok 09:14:20.0608 7076 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 09:14:20.0623 7076 Power - ok 09:14:20.0686 7076 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 09:14:20.0701 7076 PptpMiniport - ok 09:14:20.0732 7076 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 09:14:20.0732 7076 Processor - ok 09:14:20.0795 7076 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 09:14:20.0795 7076 ProfSvc - ok 09:14:20.0842 7076 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 09:14:20.0857 7076 ProtectedStorage - ok 09:14:20.0904 7076 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 09:14:20.0904 7076 Psched - ok 09:14:20.0920 7076 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 09:14:20.0920 7076 PxHlpa64 - ok 09:14:21.0076 7076 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 09:14:21.0122 7076 ql2300 - ok 09:14:21.0278 7076 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 09:14:21.0294 7076 ql40xx - ok 09:14:21.0325 7076 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 09:14:21.0341 7076 QWAVE - ok 09:14:21.0372 7076 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 09:14:21.0372 7076 QWAVEdrv - ok 09:14:21.0388 7076 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 09:14:21.0388 7076 RasAcd - ok 09:14:21.0434 7076 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 09:14:21.0434 7076 RasAgileVpn - ok 09:14:21.0481 7076 RasAuto 
(8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 09:14:21.0497 7076 RasAuto - ok 09:14:21.0544 7076 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 09:14:21.0544 7076 Rasl2tp - ok 09:14:21.0606 7076 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 09:14:21.0606 7076 RasMan - ok 09:14:21.0653 7076 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 09:14:21.0668 7076 RasPppoe - ok 09:14:21.0684 7076 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 09:14:21.0684 7076 RasSstp - ok 09:14:21.0746 7076 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 09:14:21.0762 7076 rdbss - ok 09:14:21.0778 7076 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 09:14:21.0778 7076 rdpbus - ok 09:14:21.0809 7076 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 09:14:21.0824 7076 RDPCDD - ok 09:14:21.0856 7076 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 09:14:21.0856 7076 RDPENCDD - ok 09:14:21.0871 7076 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 09:14:21.0871 7076 RDPREFMP - ok 09:14:21.0934 7076 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 09:14:21.0934 7076 RDPWD - ok 09:14:21.0996 7076 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 09:14:22.0012 7076 rdyboost - ok 09:14:22.0043 7076 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 09:14:22.0043 7076 RemoteAccess - ok 09:14:22.0090 7076 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 09:14:22.0105 7076 RemoteRegistry - ok 09:14:22.0136 7076 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 09:14:22.0152 7076 RFCOMM - ok 09:14:22.0199 7076 rimspci 
(fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys 09:14:22.0214 7076 rimspci - ok 09:14:22.0261 7076 risdsnpe (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys 09:14:22.0277 7076 risdsnpe - ok 09:14:22.0308 7076 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 09:14:22.0308 7076 RpcEptMapper - ok 09:14:22.0339 7076 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 09:14:22.0339 7076 RpcLocator - ok 09:14:22.0417 7076 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 09:14:22.0433 7076 RpcSs - ok 09:14:22.0464 7076 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 09:14:22.0480 7076 rspndr - ok 09:14:22.0542 7076 RTHDMIAzAudService (c20f64fcd5e2b40310a1774495877acd) C:\Windows\system32\drivers\RtHDMIVX.sys 09:14:22.0558 7076 RTHDMIAzAudService - ok 09:14:22.0667 7076 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 09:14:22.0667 7076 SamSs - ok 09:14:22.0698 7076 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 09:14:22.0714 7076 sbp2port - ok 09:14:22.0885 7076 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 09:14:22.0901 7076 SBSDWSCService - ok 09:14:22.0932 7076 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 09:14:22.0948 7076 SCardSvr - ok 09:14:23.0026 7076 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys 09:14:23.0026 7076 SCDEmu - ok 09:14:23.0072 7076 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 09:14:23.0072 7076 scfilter - ok 09:14:23.0197 7076 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 09:14:23.0213 7076 Schedule - ok 09:14:23.0260 7076 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 09:14:23.0260 7076 
SCPolicySvc - ok 09:14:23.0338 7076 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 09:14:23.0338 7076 sdbus - ok 09:14:23.0384 7076 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 09:14:23.0400 7076 SDRSVC - ok 09:14:23.0447 7076 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 09:14:23.0447 7076 secdrv - ok 09:14:23.0462 7076 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 09:14:23.0462 7076 seclogon - ok 09:14:23.0509 7076 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 09:14:23.0509 7076 SENS - ok 09:14:23.0525 7076 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 09:14:23.0540 7076 SensrSvc - ok 09:14:23.0556 7076 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 09:14:23.0556 7076 Serenum - ok 09:14:23.0587 7076 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 09:14:23.0587 7076 Serial - ok 09:14:23.0634 7076 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 09:14:23.0650 7076 sermouse - ok 09:14:23.0696 7076 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 09:14:23.0712 7076 SessionEnv - ok 09:14:23.0743 7076 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 09:14:23.0743 7076 SFEP - ok 09:14:23.0774 7076 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 09:14:23.0790 7076 sffdisk - ok 09:14:23.0806 7076 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 09:14:23.0806 7076 sffp_mmc - ok 09:14:23.0806 7076 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 09:14:23.0821 7076 sffp_sd - ok 09:14:23.0852 7076 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 09:14:23.0852 7076 sfloppy - ok 09:14:23.0930 7076 
SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 09:14:23.0946 7076 SharedAccess - ok 09:14:24.0008 7076 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 09:14:24.0024 7076 ShellHWDetection - ok 09:14:24.0071 7076 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 09:14:24.0071 7076 SiSRaid2 - ok 09:14:24.0102 7076 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 09:14:24.0118 7076 SiSRaid4 - ok 09:14:24.0149 7076 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 09:14:24.0149 7076 Smb - ok 09:14:24.0196 7076 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 09:14:24.0196 7076 SNMPTRAP - ok 09:14:24.0289 7076 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 09:14:24.0305 7076 SOHCImp - ok 09:14:24.0367 7076 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe 09:14:24.0367 7076 SOHDms - ok 09:14:24.0383 7076 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 09:14:24.0398 7076 SOHDs - ok 09:14:24.0523 7076 speedfan (5f9785e7535f8f602cb294a54962c9e7) C:\Windows\syswow64\speedfan.sys 09:14:24.0523 7076 speedfan - ok 09:14:24.0632 7076 SpfService (5449fc97476f52e027409e703791e6a9) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 09:14:24.0632 7076 SpfService - ok 09:14:24.0757 7076 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 09:14:24.0757 7076 spldr - ok 09:14:24.0851 7076 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 09:14:24.0866 7076 Spooler - ok 09:14:25.0178 7076 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 09:14:25.0225 7076 sppsvc - ok 09:14:25.0366 7076 sppuinotify 
(93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 09:14:25.0366 7076 sppuinotify - ok 09:14:25.0522 7076 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\system32\Drivers\sptd.sys 09:14:25.0522 7076 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34f974f8b3c86de03a30dcbe79091c97 09:14:25.0537 7076 sptd ( LockedFile.Multi.Generic ) - warning 09:14:25.0537 7076 sptd - detected LockedFile.Multi.Generic (1) 09:14:25.0615 7076 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 09:14:25.0631 7076 srv - ok 09:14:25.0693 7076 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 09:14:25.0693 7076 srv2 - ok 09:14:25.0740 7076 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 09:14:25.0740 7076 srvnet - ok 09:14:25.0787 7076 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 09:14:25.0802 7076 SSDPSRV - ok 09:14:25.0818 7076 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 09:14:25.0818 7076 SstpSvc - ok 09:14:26.0005 7076 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 09:14:26.0005 7076 StarWindServiceAE - ok 09:14:26.0021 7076 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 09:14:26.0021 7076 stexstor - ok 09:14:26.0114 7076 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 09:14:26.0114 7076 stisvc - ok 09:14:26.0161 7076 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 09:14:26.0161 7076 swenum - ok 09:14:26.0239 7076 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 09:14:26.0255 7076 swprv - ok 09:14:26.0270 7076 SysInfo - ok 09:14:26.0442 7076 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 09:14:26.0473 7076 SysMain - ok 09:14:26.0629 7076 TabletInputService 
(e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 09:14:26.0629 7076 TabletInputService - ok 09:14:26.0692 7076 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 09:14:26.0692 7076 TapiSrv - ok 09:14:26.0723 7076 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 09:14:26.0738 7076 TBS - ok 09:14:26.0941 7076 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 09:14:26.0988 7076 Tcpip - ok 09:14:27.0300 7076 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 09:14:27.0316 7076 TCPIP6 - ok 09:14:27.0487 7076 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 09:14:27.0503 7076 tcpipreg - ok 09:14:27.0565 7076 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 09:14:27.0565 7076 TDPIPE - ok 09:14:27.0612 7076 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 09:14:27.0612 7076 TDTCP - ok 09:14:27.0643 7076 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 09:14:27.0643 7076 tdx - ok 09:14:27.0690 7076 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 09:14:27.0690 7076 TermDD - ok 09:14:27.0784 7076 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 09:14:27.0784 7076 TermService - ok 09:14:27.0815 7076 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 09:14:27.0815 7076 Themes - ok 09:14:27.0862 7076 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 09:14:27.0862 7076 THREADORDER - ok 09:14:27.0877 7076 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 09:14:27.0877 7076 TrkWks - ok 09:14:27.0971 7076 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 09:14:27.0971 7076 TrustedInstaller - ok 09:14:28.0018 7076 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) 
C:\Windows\system32\DRIVERS\tssecsrv.sys 09:14:28.0018 7076 tssecsrv - ok 09:14:28.0049 7076 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 09:14:28.0064 7076 TsUsbFlt - ok 09:14:28.0096 7076 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 09:14:28.0096 7076 tunnel - ok 09:14:28.0127 7076 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 09:14:28.0127 7076 uagp35 - ok 09:14:28.0220 7076 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 09:14:28.0220 7076 uCamMonitor - ok 09:14:28.0283 7076 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 09:14:28.0298 7076 udfs - ok 09:14:28.0345 7076 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 09:14:28.0345 7076 UI0Detect - ok 09:14:28.0408 7076 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 09:14:28.0408 7076 uliagpkx - ok 09:14:28.0470 7076 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 09:14:28.0470 7076 umbus - ok 09:14:28.0501 7076 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 09:14:28.0517 7076 UmPass - ok 09:14:28.0798 7076 UNS (11a559e0f10cc5e788984023df400a6f) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 09:14:28.0844 7076 UNS - ok 09:14:29.0016 7076 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 09:14:29.0016 7076 upnphost - ok 09:14:29.0110 7076 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 09:14:29.0110 7076 usbccgp - ok 09:14:29.0172 7076 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 09:14:29.0188 7076 usbcir - ok 09:14:29.0203 7076 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 09:14:29.0219 7076 usbehci - ok 
09:14:34.0913 7076 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:14:35.0537 7076 \Device\Harddisk0\DR0 - ok
09:14:35.0552 7076 Boot (0x1200) (166f3974c1b00ef8ad1c2a6bdfafab78) \Device\Harddisk0\DR0\Partition0
09:14:35.0552 7076 \Device\Harddisk0\DR0\Partition0 - ok
09:14:35.0552 7076 Boot (0x1200) (04b5292c98f9300b2cf612e6ae4a0609) \Device\Harddisk0\DR0\Partition1
09:14:35.0552 7076 \Device\Harddisk0\DR0\Partition1 - ok
09:14:35.0552 7076 ============================================================
09:14:35.0552 7076 Scan finished
09:14:35.0552 7076 ============================================================
09:14:35.0568 4412 Detected object count: 2
09:14:35.0568 4412 Actual detected object count: 2
09:14:55.0193 4412 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
09:14:55.0193 4412 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
09:14:55.0193 4412 sptd ( LockedFile.Multi.Generic ) - skipped by user
09:14:55.0193 4412 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
09:15:10.0528 2960 ============================================================
09:15:10.0528 2960 Scan started
09:15:10.0528 2960 Mode: Manual;
09:15:10.0528 2960 ============================================================
09:15:11.0776 2960 Akamai (c775d704feb2b600a5bf7b0b088546af) c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll
09:15:11.0776 2960 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
09:15:11.0776 2960 Akamai ( HiddenFile.Multi.Generic ) - warning
09:15:11.0776 2960 Akamai - detected HiddenFile.Multi.Generic (1)
09:15:26.0689 2960 NetTcpActivator - ok 09:15:26.0689 2960 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:15:26.0689 2960 NetTcpPortSharing - ok 09:15:26.0767 2960 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 09:15:26.0767 2960 nfrd960 - ok 09:15:26.0830 2960 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 09:15:26.0830 2960 NlaSvc - ok 09:15:26.0955 2960 NMIndexingService (a328a46d87bb92ce4d8a4528e9d84787) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe 09:15:26.0970 2960 NMIndexingService - ok 09:15:27.0001 2960 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 09:15:27.0001 2960 Npfs - ok 09:15:27.0033 2960 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 09:15:27.0033 2960 nsi - ok 09:15:27.0048 2960 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 09:15:27.0048 2960 nsiproxy - ok 09:15:27.0235 2960 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 09:15:27.0251 2960 Ntfs - ok 09:15:27.0391 2960 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 09:15:27.0407 2960 Null - ok 09:15:27.0438 2960 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 09:15:27.0438 2960 nvraid - ok 09:15:27.0469 2960 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 09:15:27.0469 2960 nvstor - ok 09:15:27.0516 2960 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 09:15:27.0516 2960 nv_agp - ok 09:15:27.0563 2960 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 09:15:27.0563 2960 ohci1394 - ok 09:15:27.0641 2960 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:15:27.0657 2960 ose - ok 09:15:27.0688 2960 
p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 09:15:27.0703 2960 p2pimsvc - ok 09:15:27.0750 2960 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 09:15:27.0766 2960 p2psvc - ok 09:15:27.0813 2960 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 09:15:27.0813 2960 Parport - ok 09:15:27.0859 2960 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 09:15:27.0859 2960 partmgr - ok 09:15:27.0922 2960 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 09:15:27.0922 2960 PcaSvc - ok 09:15:27.0984 2960 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 09:15:27.0984 2960 pci - ok 09:15:28.0031 2960 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 09:15:28.0031 2960 pciide - ok 09:15:28.0078 2960 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 09:15:28.0078 2960 pcmcia - ok 09:15:28.0125 2960 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 09:15:28.0125 2960 pcw - ok 09:15:28.0203 2960 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 09:15:28.0234 2960 PEAUTH - ok 09:15:28.0327 2960 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 09:15:28.0327 2960 PerfHost - ok 09:15:28.0561 2960 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 09:15:28.0593 2960 pla - ok 09:15:28.0655 2960 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 09:15:28.0671 2960 PlugPlay - ok 09:15:28.0795 2960 PMBDeviceInfoProvider (80e85394d8cd7f84340b1c6f4b9d698f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 09:15:28.0811 2960 PMBDeviceInfoProvider - ok 09:15:28.0827 2960 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 09:15:28.0842 2960 PNRPAutoReg - ok 09:15:28.0873 2960 PNRPsvc 
(3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 09:15:28.0873 2960 PNRPsvc - ok 09:15:28.0951 2960 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 09:15:28.0951 2960 PolicyAgent - ok 09:15:29.0014 2960 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 09:15:29.0014 2960 Power - ok 09:15:29.0076 2960 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 09:15:29.0092 2960 PptpMiniport - ok 09:15:29.0123 2960 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 09:15:29.0123 2960 Processor - ok 09:15:29.0170 2960 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 09:15:29.0185 2960 ProfSvc - ok 09:15:29.0232 2960 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 09:15:29.0232 2960 ProtectedStorage - ok 09:15:29.0279 2960 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 09:15:29.0279 2960 Psched - ok 09:15:29.0310 2960 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 09:15:29.0310 2960 PxHlpa64 - ok 09:15:29.0466 2960 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 09:15:29.0482 2960 ql2300 - ok 09:15:29.0653 2960 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 09:15:29.0653 2960 ql40xx - ok 09:15:29.0700 2960 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 09:15:29.0700 2960 QWAVE - ok 09:15:29.0731 2960 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 09:15:29.0731 2960 QWAVEdrv - ok 09:15:29.0763 2960 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 09:15:29.0763 2960 RasAcd - ok 09:15:29.0794 2960 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 09:15:29.0794 2960 RasAgileVpn - ok 09:15:29.0809 2960 RasAuto 
(8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 09:15:29.0825 2960 RasAuto - ok 09:15:29.0856 2960 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 09:15:29.0872 2960 Rasl2tp - ok 09:15:29.0903 2960 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 09:15:29.0919 2960 RasMan - ok 09:15:29.0950 2960 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 09:15:29.0950 2960 RasPppoe - ok 09:15:29.0965 2960 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 09:15:29.0981 2960 RasSstp - ok 09:15:30.0028 2960 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 09:15:30.0043 2960 rdbss - ok 09:15:30.0075 2960 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 09:15:30.0075 2960 rdpbus - ok 09:15:30.0090 2960 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 09:15:30.0090 2960 RDPCDD - ok 09:15:30.0106 2960 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 09:15:30.0106 2960 RDPENCDD - ok 09:15:30.0121 2960 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 09:15:30.0137 2960 RDPREFMP - ok 09:15:30.0184 2960 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 09:15:30.0184 2960 RDPWD - ok 09:15:30.0246 2960 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 09:15:30.0246 2960 rdyboost - ok 09:15:30.0277 2960 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 09:15:30.0277 2960 RemoteAccess - ok 09:15:30.0324 2960 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 09:15:30.0324 2960 RemoteRegistry - ok 09:15:30.0371 2960 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 09:15:30.0371 2960 RFCOMM - ok 09:15:30.0402 2960 rimspci 
(fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys 09:15:30.0418 2960 rimspci - ok 09:15:30.0433 2960 risdsnpe (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys 09:15:30.0433 2960 risdsnpe - ok 09:15:30.0449 2960 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 09:15:30.0465 2960 RpcEptMapper - ok 09:15:30.0496 2960 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 09:15:30.0496 2960 RpcLocator - ok 09:15:30.0574 2960 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 09:15:30.0574 2960 RpcSs - ok 09:15:30.0605 2960 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 09:15:30.0621 2960 rspndr - ok 09:15:30.0667 2960 RTHDMIAzAudService (c20f64fcd5e2b40310a1774495877acd) C:\Windows\system32\drivers\RtHDMIVX.sys 09:15:30.0667 2960 RTHDMIAzAudService - ok 09:15:30.0714 2960 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 09:15:30.0714 2960 SamSs - ok 09:15:30.0745 2960 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 09:15:30.0761 2960 sbp2port - ok 09:15:30.0917 2960 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 09:15:30.0933 2960 SBSDWSCService - ok 09:15:30.0979 2960 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 09:15:30.0995 2960 SCardSvr - ok 09:15:31.0042 2960 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys 09:15:31.0057 2960 SCDEmu - ok 09:15:31.0089 2960 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 09:15:31.0089 2960 scfilter - ok 09:15:31.0213 2960 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 09:15:31.0229 2960 Schedule - ok 09:15:31.0307 2960 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 09:15:31.0307 2960 
SCPolicySvc - ok 09:15:31.0354 2960 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 09:15:31.0369 2960 sdbus - ok 09:15:31.0416 2960 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 09:15:31.0432 2960 SDRSVC - ok 09:15:31.0463 2960 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 09:15:31.0463 2960 secdrv - ok 09:15:31.0494 2960 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 09:15:31.0494 2960 seclogon - ok 09:15:31.0525 2960 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 09:15:31.0525 2960 SENS - ok 09:15:31.0557 2960 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 09:15:31.0557 2960 SensrSvc - ok 09:15:31.0572 2960 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 09:15:31.0588 2960 Serenum - ok 09:15:31.0619 2960 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 09:15:31.0619 2960 Serial - ok 09:15:31.0666 2960 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 09:15:31.0666 2960 sermouse - ok 09:15:31.0728 2960 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 09:15:31.0728 2960 SessionEnv - ok 09:15:31.0744 2960 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 09:15:31.0759 2960 SFEP - ok 09:15:31.0806 2960 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 09:15:31.0822 2960 sffdisk - ok 09:15:31.0837 2960 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 09:15:31.0853 2960 sffp_mmc - ok 09:15:31.0884 2960 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 09:15:31.0884 2960 sffp_sd - ok 09:15:31.0931 2960 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 09:15:31.0931 2960 sfloppy - ok 09:15:31.0993 2960 
SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 09:15:32.0009 2960 SharedAccess - ok 09:15:32.0071 2960 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 09:15:32.0087 2960 ShellHWDetection - ok 09:15:32.0118 2960 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 09:15:32.0134 2960 SiSRaid2 - ok 09:15:32.0165 2960 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 09:15:32.0165 2960 SiSRaid4 - ok 09:15:32.0196 2960 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 09:15:32.0196 2960 Smb - ok 09:15:32.0227 2960 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 09:15:32.0227 2960 SNMPTRAP - ok 09:15:32.0337 2960 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 09:15:32.0337 2960 SOHCImp - ok 09:15:32.0399 2960 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe 09:15:32.0415 2960 SOHDms - ok 09:15:32.0430 2960 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 09:15:32.0430 2960 SOHDs - ok 09:15:32.0539 2960 speedfan (5f9785e7535f8f602cb294a54962c9e7) C:\Windows\syswow64\speedfan.sys 09:15:32.0539 2960 speedfan - ok 09:15:32.0633 2960 SpfService (5449fc97476f52e027409e703791e6a9) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 09:15:32.0649 2960 SpfService - ok 09:15:32.0773 2960 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 09:15:32.0773 2960 spldr - ok 09:15:32.0867 2960 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 09:15:32.0867 2960 Spooler - ok 09:15:33.0179 2960 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 09:15:33.0226 2960 sppsvc - ok 09:15:33.0366 2960 sppuinotify 
(93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 09:15:33.0366 2960 sppuinotify - ok 09:15:33.0460 2960 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\system32\Drivers\sptd.sys 09:15:33.0460 2960 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34f974f8b3c86de03a30dcbe79091c97 09:15:33.0460 2960 sptd ( LockedFile.Multi.Generic ) - warning 09:15:33.0460 2960 sptd - detected LockedFile.Multi.Generic (1) 09:15:33.0538 2960 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 09:15:33.0538 2960 srv - ok 09:15:33.0585 2960 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 09:15:33.0600 2960 srv2 - ok 09:15:33.0647 2960 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 09:15:33.0647 2960 srvnet - ok 09:15:33.0694 2960 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 09:15:33.0709 2960 SSDPSRV - ok 09:15:33.0725 2960 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 09:15:33.0725 2960 SstpSvc - ok 09:15:33.0865 2960 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 09:15:33.0881 2960 StarWindServiceAE - ok 09:15:33.0897 2960 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 09:15:33.0912 2960 stexstor - ok 09:15:33.0975 2960 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 09:15:33.0990 2960 stisvc - ok 09:15:34.0037 2960 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 09:15:34.0037 2960 swenum - ok 09:15:34.0115 2960 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 09:15:34.0131 2960 swprv - ok 09:15:34.0131 2960 SysInfo - ok 09:15:34.0318 2960 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 09:15:34.0349 2960 SysMain - ok 09:15:34.0521 2960 TabletInputService 
(e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 09:15:34.0536 2960 TabletInputService - ok 09:15:34.0599 2960 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 09:15:34.0614 2960 TapiSrv - ok 09:15:34.0645 2960 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 09:15:34.0645 2960 TBS - ok 09:15:34.0864 2960 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 09:15:34.0895 2960 Tcpip - ok 09:15:35.0207 2960 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 09:15:35.0238 2960 TCPIP6 - ok 09:15:35.0410 2960 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 09:15:35.0410 2960 tcpipreg - ok 09:15:35.0441 2960 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 09:15:35.0441 2960 TDPIPE - ok 09:15:35.0472 2960 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 09:15:35.0472 2960 TDTCP - ok 09:15:35.0519 2960 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 09:15:35.0519 2960 tdx - ok 09:15:35.0566 2960 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 09:15:35.0566 2960 TermDD - ok 09:15:35.0659 2960 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 09:15:35.0675 2960 TermService - ok 09:15:35.0706 2960 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 09:15:35.0706 2960 Themes - ok 09:15:35.0753 2960 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 09:15:35.0753 2960 THREADORDER - ok 09:15:35.0769 2960 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 09:15:35.0769 2960 TrkWks - ok 09:15:35.0847 2960 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 09:15:35.0847 2960 TrustedInstaller - ok 09:15:35.0909 2960 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) 
C:\Windows\system32\DRIVERS\tssecsrv.sys 09:15:35.0909 2960 tssecsrv - ok 09:15:35.0925 2960 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 09:15:35.0940 2960 TsUsbFlt - ok 09:15:35.0956 2960 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 09:15:35.0971 2960 tunnel - ok 09:15:36.0003 2960 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 09:15:36.0003 2960 uagp35 - ok 09:15:36.0081 2960 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 09:15:36.0081 2960 uCamMonitor - ok 09:15:36.0174 2960 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 09:15:36.0190 2960 udfs - ok 09:15:36.0237 2960 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 09:15:36.0237 2960 UI0Detect - ok 09:15:36.0283 2960 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 09:15:36.0299 2960 uliagpkx - ok 09:15:36.0346 2960 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 09:15:36.0346 2960 umbus - ok 09:15:36.0377 2960 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 09:15:36.0393 2960 UmPass - ok 09:15:36.0658 2960 UNS (11a559e0f10cc5e788984023df400a6f) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 09:15:36.0705 2960 UNS - ok 09:15:36.0876 2960 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 09:15:36.0876 2960 upnphost - ok 09:15:36.0970 2960 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 09:15:36.0985 2960 usbccgp - ok 09:15:37.0032 2960 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 09:15:37.0032 2960 usbcir - ok 09:15:37.0063 2960 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 09:15:37.0063 2960 usbehci - ok 
09:15:37.0110 2960 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 09:15:37.0126 2960 usbhub - ok 09:15:37.0157 2960 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 09:15:37.0157 2960 usbohci - ok 09:15:37.0188 2960 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 09:15:37.0188 2960 usbprint - ok 09:15:37.0219 2960 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 09:15:37.0219 2960 usbscan - ok 09:15:37.0266 2960 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS 09:15:37.0266 2960 USBSTOR - ok 09:15:37.0282 2960 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 09:15:37.0282 2960 usbuhci - ok 09:15:37.0344 2960 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 09:15:37.0344 2960 usbvideo - ok 09:15:37.0375 2960 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 09:15:37.0391 2960 UxSms - ok 09:15:37.0485 2960 VAIO Event Service (a60605fc66552b421ee1f3d4ebb9a4e0) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 09:15:37.0485 2960 VAIO Event Service - ok 09:15:37.0609 2960 VAIO Power Management (d469be2723f79cf4b384680b1fdc577d) C:\Program Files\Sony\VAIO Power Management\SPMService.exe 09:15:37.0625 2960 VAIO Power Management - ok 09:15:37.0672 2960 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 09:15:37.0672 2960 VaultSvc - ok 09:15:37.0812 2960 VCFw (6888526aeb8ddabde6f778fd40fc0693) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 09:15:37.0828 2960 VCFw - ok 09:15:38.0015 2960 VcmIAlzMgr (07f47a1df726537313c1023515175532) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 09:15:38.0031 2960 VcmIAlzMgr - ok 09:15:38.0124 2960 VcmINSMgr (cbb9f0d1017e0bed4cb5bbc0ebf26dc1) C:\Program Files\Sony\VCM Intelligent Network 
Service Manager\VcmINSMgr.exe 09:15:38.0124 2960 VcmINSMgr - ok 09:15:38.0202 2960 VcmXmlIfHelper (c8e3ba694cc5eacec4c01660ace40d56) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 09:15:38.0202 2960 VcmXmlIfHelper - ok 09:15:38.0296 2960 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe 09:15:38.0296 2960 VCService - ok 09:15:38.0436 2960 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 09:15:38.0452 2960 vdrvroot - ok 09:15:38.0530 2960 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 09:15:38.0561 2960 vds - ok 09:15:38.0592 2960 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 09:15:38.0592 2960 vga - ok 09:15:38.0608 2960 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 09:15:38.0623 2960 VgaSave - ok 09:15:38.0655 2960 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 09:15:38.0670 2960 vhdmp - ok 09:15:38.0701 2960 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 09:15:38.0701 2960 viaide - ok 09:15:38.0733 2960 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 09:15:38.0733 2960 volmgr - ok 09:15:38.0795 2960 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 09:15:38.0811 2960 volmgrx - ok 09:15:38.0873 2960 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 09:15:38.0889 2960 volsnap - ok 09:15:38.0920 2960 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 09:15:38.0920 2960 vsmraid - ok 09:15:39.0123 2960 VSNService (a7eb62c664a03901165290a714bd48d0) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 09:15:39.0138 2960 VSNService - ok 09:15:39.0279 2960 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 09:15:39.0325 2960 VSS - ok 09:15:39.0513 2960 VUAgent 
(fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe 09:15:39.0544 2960 VUAgent - ok 09:15:39.0684 2960 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 09:15:39.0684 2960 vwifibus - ok 09:15:39.0715 2960 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 09:15:39.0715 2960 vwififlt - ok 09:15:39.0778 2960 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 09:15:39.0809 2960 W32Time - ok 09:15:39.0840 2960 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 09:15:39.0856 2960 WacomPen - ok 09:15:39.0903 2960 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 09:15:39.0903 2960 WANARP - ok 09:15:39.0903 2960 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 09:15:39.0918 2960 Wanarpv6 - ok 09:15:40.0059 2960 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 09:15:40.0074 2960 wbengine - ok 09:15:40.0246 2960 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 09:15:40.0261 2960 WbioSrvc - ok 09:15:40.0324 2960 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 09:15:40.0339 2960 wcncsvc - ok 09:15:40.0371 2960 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 09:15:40.0386 2960 WcsPlugInService - ok 09:15:40.0449 2960 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 09:15:40.0449 2960 Wd - ok 09:15:40.0542 2960 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 09:15:40.0558 2960 Wdf01000 - ok 09:15:40.0589 2960 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 09:15:40.0605 2960 WdiServiceHost - ok 09:15:40.0605 2960 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 09:15:40.0605 2960 WdiSystemHost - ok 09:15:40.0667 
2960 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 09:15:40.0667 2960 WebClient - ok 09:15:40.0698 2960 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 09:15:40.0714 2960 Wecsvc - ok 09:15:40.0729 2960 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 09:15:40.0729 2960 wercplsupport - ok 09:15:40.0761 2960 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 09:15:40.0776 2960 WerSvc - ok 09:15:40.0823 2960 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 09:15:40.0823 2960 WfpLwf - ok 09:15:40.0839 2960 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 09:15:40.0839 2960 WIMMount - ok 09:15:40.0854 2960 WinHttpAutoProxySvc - ok 09:15:40.0932 2960 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 09:15:40.0948 2960 Winmgmt - ok 09:15:41.0135 2960 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 09:15:41.0151 2960 WinRM - ok 09:15:41.0369 2960 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 09:15:41.0400 2960 Wlansvc - ok 09:15:41.0463 2960 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 09:15:41.0463 2960 WmiAcpi - ok 09:15:41.0556 2960 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 09:15:41.0556 2960 wmiApSrv - ok 09:15:41.0619 2960 WMPNetworkSvc - ok 09:15:41.0665 2960 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 09:15:41.0665 2960 WPCSvc - ok 09:15:41.0712 2960 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 09:15:41.0712 2960 WPDBusEnum - ok 09:15:41.0743 2960 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 09:15:41.0743 2960 ws2ifsl - ok 09:15:41.0759 2960 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 09:15:41.0775 
09:15:43.0132 2960 ============================================================
09:15:43.0132 2960 Scan finished
09:15:43.0132 2960 ============================================================
09:15:43.0147 6812 Detected object count: 2
09:15:43.0147 6812 Actual detected object count: 2
09:16:05.0327 6812 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
09:16:05.0327 6812 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
09:16:05.0327 6812 sptd ( LockedFile.Multi.Generic ) - skipped by user
09:16:05.0327 6812 sptd ( LockedFile.Multi.Generic ) - User select action: Skip |
18.06.2012, 09:15 | #5 |
| tr/atraps.gen2 found and registry changes detected
Hi, what kind of DHCP address is that (172.16.16.19)?
Defogger
Please download defogger by jpshortstuff to your desktop.
Fix for OTL:
Code:
:OTL
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
[2012.06.18 02:49:16 | 000,022,016 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\800000cb.@
[2012.06.18 01:19:40 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\80000000.@
[2012.06.18 01:19:40 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\00000001.@
[2012.06.18 01:19:40 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U
[2012.01.11 10:54:40 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\@
[2012.01.11 10:54:40 | 000,002,048 | -HS- | C] () -- C:\Users\Nadja\AppData\Local\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\@
@Alternate Data Stream - 24 bytes -> C:\Windows:AFF2E49F2F588B4A
:Commands
[emptytemp]
[Reboot]
Please check the following files: Have the files checked online:
Code:
C:\ProgramData\B63FEA3E66.sys
C:\Windows\SysWow64\TAKDSDecoder.dll
Combofix
Download ComboFix from http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Caution: In a few rare cases the computer may no longer be able to boot and has to be set up from scratch!
Close all windows, start combofix.exe, confirm the following prompt with 1 and press Enter.
The scan with Combofix can take some time, so please be patient.
Please do not do anything on the computer during the scan.
The computer may be restarted in between.
When the scan has finished, a report (ComboFix.txt) is displayed; please copy it and paste it into your thread.
You should find the log at C:\ComboFix.txt...
If CF hangs, boot into safe mode (F8 while booting) and run it there!
chris
Edited by Chris4You (18.06.2012 at 09:22) |
18.06.2012, 09:26 | #6 |
| tr/atraps.gen2 found and registry changes detected
Phew, hold on! Unfortunately my question seems to have got lost: what should I do with the Malwarebytes findings? Delete them or leave them in quarantine? It would probably be good to know that before I carry on at this point.
The DHCP address somehow means nothing to me at all, which could also be because I don't know much about internet settings... Sorry! :,-(
Edited by Sabishii (18.06.2012 at 09:31) |
18.06.2012, 09:32 | #7 |
| tr/atraps.gen2 found and registry changes detected
Hi, regarding the question about MAM: leave them in quarantine...
Then we should also have OTL correct it (the DHCP address). Add the following line to the OTL script:
Code:
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 172.16.16.19
chris
|
18.06.2012, 09:36 | #8 |
| tr/atraps.gen2 found and registry changes detected
Thanks, I'll fight my way through that then.
I posted the log file twice? ... Damn. Sorry, I'm really frazzled...
Here is the Extras file:
Code:
OTL Extras logfile created on: 18.06.2012 09:01:14 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\Nadja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 56,28% Memory free
11,58 Gb Paging File | 9,55 Gb Available in Paging File | 82,49% Paging File free
Paging file location(s): c:\pagefile.sys 7905 7905 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,34 Gb Total Space | 368,02 Gb Free Space | 81,36% Space Free | Partition Type: NTFS
Computer Name: NADJA-NOTEBOOK | User Name: Nadja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
< End of report >
EDIT: Oh great.. After I had just used Defogger and it wanted to do a restart, I got a bluescreen when the system booted up again. Now the laptop is resetting itself to a restore point, in the hope that it will then boot properly again. Just the right thing for a nervous person like me. *freaking out*
Um.. Okay.. Now this is strange. After the laptop reset itself to a restore date from God-knows-when, all the pests have disappeared without a trace. Neither Malwarebytes nor Spybot nor AntiVir finds anything any more. Of course I don't quite trust the peace yet, so one question: What now? Another scan with OTL?
Edited by Sabishii (18.06.2012 at 09:51) |