Plagegeister aller Art und deren Bekämpfung: Austrian police virus after Movie2k film (Windows 7)
07.10.2012, 09:42 | #1 |
Austrian police virus after Movie2k film

Hello everyone,

Yesterday, after a film, this virus appeared on my screen: the police had locked my computer because of illegal films. I googled it on my company laptop and found out that it is a virus. I booted an earlier version in safe mode and it worked again; afterwards I ran Malware and OTL scans, as already described in other threads. Here are the results from Malware:

Code:
Malwarebytes Anti-Malware (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.06.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18928
Gülcem :: GÜLCEM-PC [Administrator]

Schutz: Aktiviert

07.10.2012 00:55:56
mbam-log-2012-10-07 (00-55-56).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 421526
Laufzeit: 2 Stunde(n), 1 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 6
HKCR\CLSID\{975670D0-7EFB-4fa8-90FA-3AE575B9FB77} (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{975670D0-7EFB-4FA8-90FA-3AE575B9FB77} (Trojan.Banker) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\MediaHoldings (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Mirar (Adware.Mirar) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\PlayMP3 (Adware.PLayMP3z) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Userinit (Trojan.Agent) -> Daten: C:\Users\Gülcem\AppData\Roaming\appconf32.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\ProgramData\Sony\MyClubVAIO\startreg.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:
ATTFilter OTL logfile created on: 07.10.2012 09:49:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gülcem\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,77% Memory free 4,22 Gb Paging File | 3,16 Gb Available in Paging File | 74,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 139,74 Gb Total Space | 4,83 Gb Free Space | 3,46% Space Free | Partition Type: NTFS Computer Name: GÜLCEM-PC | User Name: Gülcem | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.07 09:43:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gülcem\Desktop\OTL.com PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.09.07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.09.02 00:01:53 | 000,874,896 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2012.06.08 13:02:10 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012.06.08 13:02:02 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe PRC - [2011.02.08 19:21:52 | 001,114,040 | ---- | M] (MusicLab, LLC) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe PRC - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.04.04 19:10:26 | 000,030,152 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008.01.19 09:33:05 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe PRC - [2007.06.15 13:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe PRC - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\System32\bgsvcgen.exe PRC - [2007.01.04 23:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe PRC - [2006.11.25 09:29:44 | 002,134,016 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe PRC - [2006.11.24 18:58:38 | 000,919,672 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe PRC - [2006.11.24 11:36:54 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe PRC - [2006.11.24 11:36:54 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2006.11.14 18:02:28 | 002,146,304 | ---- | M] (TOSHIBA CORPORATION.) 
-- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe PRC - [2006.11.02 11:45:59 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe PRC - [2006.10.31 23:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2006.10.27 21:13:48 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe PRC - [2006.09.28 22:08:46 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe PRC - [2006.09.26 15:48:36 | 000,172,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2006.09.26 15:46:58 | 000,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe PRC - [2006.09.13 16:29:46 | 000,274,432 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe PRC - [2006.09.11 09:23:22 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe PRC - [2006.09.08 08:06:08 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apntex.exe PRC - [2006.09.08 07:54:30 | 000,042,544 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe PRC - [2006.08.23 14:11:38 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe PRC - [2006.08.23 13:43:08 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe PRC - [2006.02.07 00:00:20 | 000,311,296 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe PRC - [2006.01.24 00:14:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) 
-- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe ========== Modules (No Company Name) ========== MOD - [2012.07.02 01:51:05 | 000,115,137 | ---- | M] () -- C:\Users\Gülcem\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll MOD - [2012.06.08 13:02:10 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2012.01.21 22:07:26 | 017,632,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c5076f9a8ecf90a4c86ac5cfcb9e5528\PresentationFramework.ni.dll MOD - [2012.01.21 22:06:54 | 000,450,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\fdfe786e6ddaf7ed2472918e408d96a0\PresentationFramework.Aero.ni.dll MOD - [2010.06.26 09:16:41 | 001,159,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\848c4005079e434e04096d683fab1ded\System.Management.ni.dll MOD - [2010.06.26 08:54:23 | 000,758,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\b095af4c06f82361e8be3ec0e6347cc3\System.Runtime.Remoting.ni.dll MOD - [2010.06.26 08:54:13 | 001,776,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d85a3d6ed5bb77f5603e098cccf60bfa\System.Xaml.ni.dll MOD - [2010.06.26 08:34:49 | 011,057,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7a1eeb425f9318f432afead4b2da965a\PresentationCore.ni.dll MOD - [2010.06.26 08:34:20 | 003,779,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\f1f3a74eb37b27b7d05b8ffa941f8473\WindowsBase.ni.dll MOD - [2010.06.26 08:34:12 | 005,571,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\2d7c29ad77c15abfa6a8fe6d24840a91\System.Xml.ni.dll MOD - [2010.06.26 08:34:03 | 013,006,336 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f3cdd09fc0acc85c7febbd2e2ef9c4e5\System.Windows.Forms.ni.dll MOD - [2010.06.26 08:34:02 | 000,973,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac2cd19f2159d48684e17cbdecfaa3b7\System.Configuration.ni.dll MOD - [2010.06.26 08:33:54 | 007,025,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\85693dfd9ba4905b0fd947fdb51446d5\System.Core.ni.dll MOD - [2010.06.26 08:33:39 | 001,651,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\2fe09cc54a8390b20e380239db34228f\System.Drawing.ni.dll MOD - [2010.06.26 08:33:36 | 009,000,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\161c6f80ad93b0505054d244f1c6243c\System.ni.dll MOD - [2010.06.26 08:33:19 | 014,415,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4ff1f12a08d455f195ba996fe77497c6\mscorlib.ni.dll MOD - [2007.05.22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll MOD - [2005.07.22 22:30:20 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll MOD - [2004.10.14 11:18:24 | 000,040,960 | ---- | M] () -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtAfh.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService) SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC 
Companion) SRV - [2011.12.16 16:26:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0) SRV - [2011.12.16 16:26:22 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.12.17 17:37:52 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) SRV - [2008.04.04 19:10:26 | 000,030,152 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Service) SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2008.01.19 09:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008.01.19 09:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\System32\bgsvcgen.exe -- (bgsvcgen) SRV - [2007.03.16 01:07:45 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2007.01.16 15:05:00 | 002,523,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer) SRV - [2007.01.16 15:05:00 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | 
Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) SRV - [2007.01.16 15:05:00 | 001,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) SRV - [2007.01.12 12:03:16 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2007.01.10 17:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer) SRV - [2007.01.08 18:06:40 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) SRV - [2007.01.08 18:06:40 | 000,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) SRV - [2007.01.08 18:01:34 | 000,491,520 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway) SRV - [2006.11.24 11:36:54 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2006.11.13 18:31:22 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe -- (SSScsiSV) SRV - [2006.10.31 23:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2006.09.26 
15:48:36 | 000,172,032 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2006.09.26 15:46:58 | 000,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw) SRV - [2006.08.23 13:43:08 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\easytthr.sys -- (easytether) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2012.10.07 00:55:02 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.05.21 04:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) DRV - [2012.05.21 04:09:00 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- 
(dg_ssudbus) DRV - [2011.12.08 06:22:36 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2011.12.08 06:22:36 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) DRV - [2011.12.08 06:22:36 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2011.12.08 06:22:26 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011.12.08 06:22:26 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011.12.08 06:22:26 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) DRV - [2011.12.08 06:22:26 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2011.12.08 06:22:26 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2010.11.17 23:38:49 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2010.11.17 23:37:42 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010.11.17 23:37:42 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2009.05.11 10:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.04.11 06:42:52 | 
000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB) DRV - [2008.11.04 03:45:46 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) DRV - [2008.11.04 03:45:46 | 000,108,200 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) DRV - [2008.11.04 03:45:46 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2008.11.04 03:45:44 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2008.11.04 03:45:44 | 000,086,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) DRV - [2008.11.04 03:45:44 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) DRV - [2008.11.04 03:45:44 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2008.03.17 11:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2007.04.24 12:33:46 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mgmt.sys -- (s125mgmt) DRV - [2007.04.24 12:33:46 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125obex.sys -- (s125obex) DRV - [2007.04.24 12:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mdm.sys -- (s125mdm) DRV - [2007.04.24 12:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mdfl.sys -- (s125mdfl) DRV - [2007.04.24 12:33:34 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125bus.sys -- (s125bus) DRV - [2007.02.06 13:36:48 | 000,650,240 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2006.12.07 13:25:00 | 004,456,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2006.11.21 14:57:36 | 000,113,792 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd) DRV - [2006.11.20 18:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp) DRV - [2006.11.06 15:56:03 | 000,227,328 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony) DRV - [2006.11.02 18:41:00 | 000,053,504 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2006.11.02 09:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\System32\drivers\e1e6032.sys -- (e1express) DRV - [2006.11.01 06:31:46 | 000,017,328 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiWinAcc.sys -- (SiFilter) DRV - [2006.11.01 06:31:14 | 000,012,464 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiRemFil.sys -- (SiRemFil) DRV - [2006.11.01 06:30:34 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SI3132.sys -- (SI3132) DRV - [2006.10.30 02:42:28 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2006.10.28 01:29:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfusb.sys -- (tosrfusb) DRV - [2006.10.27 15:08:36 | 000,072,704 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86) DRV - [2006.10.27 15:08:32 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86) DRV - [2006.10.18 12:56:30 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall) DRV - [2006.10.13 13:34:22 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC) DRV - [2006.10.10 20:33:22 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte) DRV - [2006.10.05 17:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TosRfhid.sys -- (Tosrfhid) DRV - [2006.09.06 11:44:52 | 000,030,976 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyImgF.sys -- (SonyImgF) DRV - [2006.08.30 02:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2006.08.04 10:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2006.02.20 19:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv) DRV - [2005.08.01 17:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2005.07.11 19:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt) DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) DRV - [2005.01.06 14:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} IE - HKLM\..\SearchScopes\{950892BA-F179-46C2-AEFE-D5283BB31E2E}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = hxxp://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://g.msn.at/0SEDEAT/SAOS01?FORM=TOOLBR IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://g.msn.at/0SEDEAT/SAOS01?FORM=TOOLBR IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {FC31146E-4EAA-4726-8938-92CD26323130} IE - HKCU\..\SearchScopes\{950892BA-F179-46C2-AEFE-D5283BB31E2E}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLR IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = hxxp://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms} IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search?q={searchTerms} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 IE - HKCU\..\SearchScopes\{D0AB851F-C17B-478B-B5CD-5B590CEAFDFA}: "URL" = 
hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\{FC31146E-4EAA-4726-8938-92CD26323130}: "URL" = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll (Viewpoint Corporation) FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Gülcem\AppData\Roaming\01015 [2012.03.18 21:27:52 | 000,000,000 | ---D | M] [2012.04.08 18:26:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gülcem\AppData\Roaming\mozilla\Extensions [2012.09.01 16:04:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gülcem\AppData\Roaming\mozilla\Firefox\extensions [2012.09.01 16:04:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gülcem\AppData\Roaming\mozilla\Firefox\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088} [2012.04.08 18:26:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2011.02.12 18:06:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.04.11 23:40:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.07.31 22:09:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.09.14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC) O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll () O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O4 - HKLM..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE (MusicLab, LLC) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) 
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s File not found O4 - HKCU..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Gülcem\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: RSS-Support-Site zu VAIO Information FLOW hinzufügen - C:\Program Files\Sony\VAIO Information FLOW\aiesc.html () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {00000161-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/msaud.cab (Reg Error: Key error.) O16 - DPF: {00000163-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/0/B/B/0BB06A5C-8611-4840-86B3-54DDDD0344B9/wma9dmo.cab (Reg Error: Key error.) 
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool) O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab (EPUImageControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Java Plug-in 1.5.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06B176C6-2B29-4202-92E4-F0328FA04F7E}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C98592C-4BC6-4BC8-9200-6E860A6E52E9}: 
DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9478F81C-05FD-4DA1-ABCA-FA97A965FCE1}: DhcpNameServer = 212.186.211.21 195.34.133.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F84D06FE-1970-4C3F-B838-AC326F1B04CE}: DhcpNameServer = 192.168.42.129 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll) - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC) O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Users\Gülcem\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Gülcem\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2b0427b6-d320-11de-9e7d-0016fef38034}\Shell - "" = AutoRun O33 - MountPoints2\{2b0427b6-d320-11de-9e7d-0016fef38034}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - 
MountPoints2\{480d7265-45f8-11de-84df-0016fef38034}\Shell - "" = AutoRun O33 - MountPoints2\{480d7265-45f8-11de-84df-0016fef38034}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{8297d3b8-446f-11de-80e7-0016fef38034}\Shell - "" = AutoRun O33 - MountPoints2\{8297d3b8-446f-11de-80e7-0016fef38034}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{8297d3e6-446f-11de-80e7-0016fef38034}\Shell - "" = AutoRun O33 - MountPoints2\{8297d3e6-446f-11de-80e7-0016fef38034}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{d046c9dd-fb64-11dd-80fd-0016fef38034}\Shell\AutoRun\command - "" = H:\setupSNK.exe O33 - MountPoints2\{ed6be1c4-5ef7-11de-9e6e-0016fef38034}\Shell - "" = AutoRun O33 - MountPoints2\{ed6be1c4-5ef7-11de-9e6e-0016fef38034}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{f9b3b49d-c20f-11dd-8001-0016fef38034}\Shell\AutoOpen\command - "" = G:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe O33 - MountPoints2\{f9b3b49d-c20f-11dd-8001-0016fef38034}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe O33 - MountPoints2\I\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.10.07 09:43:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gülcem\Desktop\OTL.com [2012.10.07 00:52:51 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- 
C:\Windows\System32\drivers\mbamswissarmy.sys [2012.10.07 00:52:51 | 000,000,000 | ---D | C] -- C:\Users\Gülcem\AppData\Roaming\Malwarebytes [2012.10.07 00:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.07 00:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.07 00:52:44 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.10.07 00:52:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.10.06 14:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\kyjhaxhxhvotndx [2012.09.22 02:08:35 | 000,000,000 | ---D | C] -- C:\Users\Gülcem\Desktop\lin [2007.06.28 15:06:24 | 000,957,112 | ---- | C] (Microsoft Corporation) -- C:\Users\Gülcem\SaveAsPDFandXPS.exe [1 C:\Users\Gülcem\AppData\Roaming\*.tmp files -> C:\Users\Gülcem\AppData\Roaming\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.07 09:48:09 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{15A120CC-DE56-4CA8-A7F1-B6A324B7FAC3}.job [2012.10.07 09:43:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gülcem\Desktop\OTL.com [2012.10.07 09:33:48 | 000,013,448 | ---- | M] () -- C:\Users\Gülcem\AppData\Roaming\nvModes.001 [2012.10.07 09:32:35 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.07 09:32:35 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.07 09:32:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.07 09:32:15 | 2145,574,912 | -HS- | M] () -- C:\hiberfil.sys [2012.10.07 00:55:02 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.10.07 00:52:46 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 
[2012.10.06 14:15:08 | 000,074,135 | ---- | M] () -- C:\ProgramData\rqjkpozizijmgip [2012.09.25 18:40:03 | 003,008,734 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.09.25 18:40:03 | 000,920,714 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.09.25 18:40:03 | 000,672,712 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.09.25 18:40:03 | 000,134,884 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.09.20 23:30:29 | 000,003,256 | ---- | M] () -- C:\Users\Gülcem\Documents\download-_-magwien_-WADL_-apps_-var_-tmp_-ebz__bezahlen_-download_-advcgi__3130c02cb21ef5ff318d2965478e0e22284294607.pdf [2012.09.20 23:23:21 | 000,003,253 | ---- | M] () -- C:\Users\Gülcem\Documents\download-_-magwien_-WADL_-apps_-var_-tmp_-ebz__bezahlen_-download_-advcgi__3130c02cb21ef5ff318d2965478e0e2226875747.pdf [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [1 C:\Users\Gülcem\AppData\Roaming\*.tmp files -> C:\Users\Gülcem\AppData\Roaming\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.07 00:52:46 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.07 00:29:42 | 2145,574,912 | -HS- | C] () -- C:\hiberfil.sys [2012.10.06 14:15:02 | 000,074,135 | ---- | C] () -- C:\ProgramData\rqjkpozizijmgip [2012.09.20 23:30:29 | 000,003,256 | ---- | C] () -- C:\Users\Gülcem\Documents\download-_-magwien_-WADL_-apps_-var_-tmp_-ebz__bezahlen_-download_-advcgi__3130c02cb21ef5ff318d2965478e0e22284294607.pdf [2012.09.20 23:23:21 | 000,003,253 | ---- | C] () -- C:\Users\Gülcem\Documents\download-_-magwien_-WADL_-apps_-var_-tmp_-ebz__bezahlen_-download_-advcgi__3130c02cb21ef5ff318d2965478e0e2226875747.pdf [2012.07.10 00:51:20 | 020,154,675 | ---- | C] () -- C:\Users\Gülcem\QRacing_V3.2.2_installer.zip [2012.03.05 18:34:47 | 000,000,432 | ---- | C] () -- C:\Users\Gülcem\AppData\Roaming\wklnhst.dat [2011.12.23 21:58:28 | 000,030,568 | ---- | C] () -- 
C:\Windows\MusiccityDownload.exe [2011.12.23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011.12.23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011.12.23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011.12.23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2011.09.15 00:31:53 | 000,004,096 | -H-- | C] () -- C:\Users\Gülcem\AppData\Local\keyfile3.drm [2010.01.01 05:59:47 | 000,013,448 | ---- | C] () -- C:\Users\Gülcem\AppData\Roaming\nvModes.001 [2009.12.31 13:37:19 | 000,013,448 | ---- | C] () -- C:\Users\Gülcem\AppData\Roaming\nvModes.dat [2007.06.24 00:28:28 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html [2007.03.21 23:27:17 | 000,000,094 | ---- | C] () -- C:\Users\Gülcem\AppData\Local\fusioncache.dat [2007.03.05 19:50:17 | 000,242,688 | ---- | C] () -- C:\Users\Gülcem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.03.02 23:48:06 | 000,000,680 | ---- | C] () -- C:\Users\Gülcem\AppData\Local\d3d9caps.dat ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2010.07.26 17:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = 
%systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.03.18 21:27:52 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\01015 [2007.03.22 10:49:49 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Autodesk [2009.12.01 20:21:47 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\BlueBullPoker [2011.05.15 09:49:38 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Canneverbe Limited [2010.01.01 17:10:50 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\DAEMON Tools Lite [2012.04.07 17:17:23 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\DVDVideoSoft [2010.12.24 00:39:33 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\DVDVideoSoftIEHelpers [2012.09.01 16:04:05 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\eBayDesktopShortcut [2012.09.11 11:48:43 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Image Zone Express [2007.03.09 02:32:29 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\InterVideo [2012.03.18 20:32:37 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\kock [2011.06.21 22:34:21 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\LimeWire [2012.09.03 00:42:25 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\MusicNet [2011.09.03 00:38:44 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Opera [2009.08.15 13:15:53 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Panasonic [2011.08.16 21:06:46 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\PDF Software [2008.04.12 17:41:15 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Printer Info Cache [2010.10.29 23:26:09 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\RaceChrono [2012.01.21 23:14:03 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Samsung [2010.10.21 23:16:47 | 
000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Sony
[2012.09.03 01:33:28 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Teleca
[2012.04.16 22:11:20 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Temp
[2012.03.05 18:34:50 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\Template
[2010.01.29 22:00:22 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\TuneUp Software
[2012.04.10 11:53:55 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\UAs
[2012.04.10 11:53:56 | 000,000,000 | ---D | M] -- C:\Users\Gülcem\AppData\Roaming\xmldm

========== Purity Check ==========

< End of report >

Code:
OTL Extras logfile created on: 07.10.2012 09:49:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gülcem\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,77% Memory free
4,22 Gb Paging File | 3,16 Gb Available in Paging File | 74,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,74 Gb Total Space | 4,83 Gb Free Space | 3,46% Space Free | Partition Type: NTFS

Computer Name: GÜLCEM-PC | User Name: Gülcem | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [BIPA FotoShop] -- "C:\Program Files\BIPA\BIPA FotoShop\BIPA FotoShop.exe" "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\BIPA\BIPA FotoShop\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not
found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01FBDAAA-2673-41C9-9242-A60810CEF2A1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{11C86D80-8C38-40C1-A570-3C1594A01D7A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{23D1AD7F-623B-476E-AD89-F5D14DD99139}" = lport=2869 | protocol=6 | dir=in | app=system | "{44031E40-2489-4512-9B6E-42824D57038D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{5CADD695-7BFD-4744-AC98-DF374887FE0E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5CFE43E5-7B97-4F08-9E1F-D5C5AD4FAB9C}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{73E91672-0019-4A4C-97A3-F3217AFCB0D5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8335A3AD-3F21-4A4F-9DDC-01BC8C4A3CE0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{8B118E25-52DD-4803-A58C-31E63388AA99}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CF24AB03-D289-43C2-B5F2-640308E74E59}" = lport=990 | 
protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{EB991B2E-8D3B-4F9D-932C-26BF5B970DD8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{F1624BB8-1D27-4806-854E-A02CF4DE4C2D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{F212B4A8-40F5-4A04-BDF7-FDAD36746A3C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00F2480B-88EE-4042-A20B-9EF3833803AD}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | "{090BBDCD-794E-4910-9718-8F9569D3AE2B}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{12357617-479F-4447-BD51-215B0B0DDB10}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{15EA587D-85F5-41C7-959C-63573F8E7334}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | "{1961C05C-F484-48DC-B302-EE2D73C2CE11}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{1DABFC9E-493D-432F-9946-92FA8539DABA}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{1E82DB71-3F28-4982-8E0C-654997DCB599}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | "{20873A1E-CD3E-4647-BD91-CEF498C288A7}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe | "{392DC4D0-DEF7-42D1-AFA5-ACA6210D9C4B}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{3FF2F56E-0ACE-477B-958D-752F30232097}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{433C4077-1D81-407D-9EA1-084DCCB8B93B}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{4392BA08-600E-4CB3-86B7-B816444C35AA}" = protocol=17 | dir=in | app=c:\program files\stat-ease\dx8trial\dx8trial.exe | "{47C6E083-4657-4703-AA61-0C3F3CA9948F}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | "{5E43397E-5C7D-4641-9EED-467704ABE9B4}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{74B77C1F-303D-4124-980B-2E6978B095CC}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{7860A1CB-23FE-4283-8910-F1ED8518E3AB}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe | "{793FA844-409F-442F-BA30-515B3C862A97}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | "{7BD731DC-FA48-4C35-A3B3-A303569D402C}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "{8C70EBC2-DA63-42EA-84AC-93DB882CBE49}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{A7B0B326-F787-4391-8185-C7065F257DE4}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | "{AA9ACF76-5986-40BB-B984-D43E64E28B33}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | "{ACCB5FF5-178E-434A-82AC-35E5425168F5}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | "{B63187D3-6EC0-4EEA-8D4A-BEAD8AB79937}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "{B8E5013B-0098-4614-99E0-0B10BB0272CF}" = dir=in | app=c:\program files\samsung\allshare\allshare.exe | "{BE1C8F80-5DF4-44B0-BFA5-D6B14E9F5940}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | "{D062CF63-0E3A-47DE-BDC2-5C2328F7BC4C}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "{D36F342A-C3E3-4DA3-A3F0-663100CEC073}" = dir=in | app=c:\program files\windows 
live\messenger\msnmsgr.exe | "{E4BCCD39-101D-4759-B505-0677E3F528BA}" = protocol=6 | dir=in | app=c:\program files\stat-ease\dx8trial\dx8trial.exe | "{E4DBB417-2B59-4D3A-9E71-1B16ACA1D298}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe | "{E52FB282-C2C6-4F67-B97E-C6E7717E0618}" = dir=in | app=c:\program files\samsung\allshare\allsharedms\allsharedms.exe | "{EA290449-5166-4159-9033-F125260E84FB}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | "{EAFEB6A2-1AFF-46A8-9D3B-11AD56D53EB5}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe | "{EF93BA34-B0FB-4AE3-893A-57A278DAAE52}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{F481F75E-0782-4382-8284-C7EA5FE7C407}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | "{F49DCDFF-0250-4EDC-8DEA-8F7196741075}" = dir=in | app=c:\program files\samsung\allshare\allshareagent.exe | "{FBE5DD8B-1679-4627-AD0C-4CE94C796326}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{FDC45DF6-2FBA-4684-8BA3-341DD354F03A}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe | "TCP Query User{3E4C7040-CE80-4BB8-96B8-256C978A44F9}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "TCP Query User{60ACF760-9318-4400-8117-3A6DDF558FBE}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{6FC7A302-8480-42B2-A474-55B3F1E1A1F3}C:\program files\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | "TCP Query User{C978ADCB-ECDC-46D8-A578-A27E76BE0265}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet 
explorer\iexplore.exe | "TCP Query User{D4DB3F83-0C69-4A36-A66D-51E9CA4F97AF}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{00B55852-1B2C-42FD-A193-883EE31C9B34}C:\program files\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | "UDP Query User{2E3B29B7-6540-4EEB-BF0C-0769712F36C9}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{37017903-04B3-4C3F-A553-9C716A3100EC}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{6AFE7653-1419-4A11-B473-D21D7F4DC0ED}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "UDP Query User{D7B6BBBF-07B4-49BF-994C-08E1E1A18611}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library "{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (VAIO_VEDB) "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan "{0F022A2E-7022-497D-90A5-0F46746D8275}" = Macromedia Extension Manager "{13702021-43FB-480C-912F-D9B74A538288}" = OpenProj "{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO Camera Utility 
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan "{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg "{17C7703E-0B2A-4593-9CB7-E2FE14B6F8EA}" = Sony Snymsico for Vista "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24960AC2-C413-4A86-B1C1-E4CCADCA44D3}" = VAIO Information FLOW "{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1 "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 26 "{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A "{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility "{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7 "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{44025BD7-AD10-4769-99AE-6378FD0303D6}" = Macromedia Dreamweaver 8 "{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext "{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works "{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0 
"{55B781F0-060E-11D4-99D7-00C04FCCB775}" = "{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0 "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0 "{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series "{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility "{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility "{6EF75643-E1C3-4954-AC7D-FCEE1656D800}" = Microsoft WSE 2.0 Runtime "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.0 "{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client "{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support "{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4 "{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = 
DocProcQFolder "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update "{8CD0B297-122D-4718-9CE1-B72E796F7B21}" = Sony Ericsson Media Manager 1.2 "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft 
Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme "{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch "{97260AE9-A1EE-492E-8DCC-FD0AFF785720}" = "{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status 
"{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper "{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO HD Edition "{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations "{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plug-Ins "{9C97C74E-4FA8-4995-86EE-55B0DFF498F7}" = RaceChrono "{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO "{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.2 "{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter "{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1031-7B44-A80000000002}" = Adobe Reader 8 - Deutsch "{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software "{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm "{C183A21C-395A-490F-99D4-CCAB35E32859}" = "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C716522C-3731-4667-8579-40B098294500}" = Toolbox "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba 
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{DBCD7A88-D79E-4CC5-98A3-3B7330AF6B63}" = OpenOffice.org 2.1 "{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport "{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (INVENTORCONTENT) "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E2B38044-AEF2-40AF-BDD8-FEDE799A8633}" = "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00 "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply "{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter "{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.094 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package "{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center "{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp "Adobe Flash Player ActiveX" = Adobe Flash Player 10 
ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "BearShare 2 MediaBar" = MediaBar "BIPA FotoShop" = BIPA FotoShop "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP "Design-Expert 8.0.6 Trial " = Design-Expert 8.0.6 Trial "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319 "HP Imaging Device Functions" = HP Imaging Device Functions 8.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0 "HPExtendedCapabilities" = HP Customer Participation Program 8.0 "HPOCR" = HP OCR Software 8.0 "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mobile Partner" = Mobile Partner "NVIDIA Drivers" = NVIDIA Drivers "Opera 12.02.1578" = Opera 12.02 "PROPLUS" = Microsoft Office Professional Plus 2007 "PROSet" = Intel(R) PRO Network Connections Drivers "QRacing" = QRacing V3.2.2 "SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) "Uninstall_is1" = Uninstall 1.0.0.1 "Update Engine" = Sony Ericsson Update Engine "Update Service" = Sony Ericsson Update Service 
"Viewpoint Manager" = Viewpoint Manager (Remove Only) "ViewpointMediaPlayer" = Viewpoint Media Player "WBS Chart Pro" = WBS Chart Pro "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 18.09.2012 05:50:14 | Computer Name = Gülcem-PC | Source = LoadPerf | ID = 3012 Description = Error - 19.09.2012 01:40:10 | Computer Name = Gülcem-PC | Source = LoadPerf | ID = 3012 Description = Error - 20.09.2012 16:42:08 | Computer Name = Gülcem-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18928, Zeitstempel 0x4bdfa327, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x057300c4, Prozess-ID 0x458, Anwendungsstartzeit 01cd977064062cb0. Error - 23.09.2012 06:31:41 | Computer Name = Gülcem-PC | Source = LoadPerf | ID = 3012 Description = Error - 25.09.2012 12:40:03 | Computer Name = Gülcem-PC | Source = LoadPerf | ID = 3012 Description = Error - 06.10.2012 05:11:28 | Computer Name = Gülcem-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul SHELL32.dll, Version 6.0.6002.18287, Zeitstempel 0x4c4daf14, Ausnahmecode 0xc0000005, Fehleroffset 0x002d2ecf, Prozess-ID 0xb8c, Anwendungsstartzeit 01cd9b3b5c517cbc. Error - 06.10.2012 05:14:02 | Computer Name = Gülcem-PC | Source = LoadPerf | ID = 3012 Description = Error - 06.10.2012 18:17:06 | Computer Name = Gülcem-PC | Source = EventSystem | ID = 4609 Description = Error - 06.10.2012 18:31:21 | Computer Name = Gülcem-PC | Source = ESENT | ID = 455 Description = Catalog Database (1472) Catalog Database: Fehler -1811 beim Öffnen von Protokolldatei C:\Windows\system32\CatRoot2\edb00173.log. 
Error - 06.10.2012 18:31:22 | Computer Name = Gülcem-PC | Source = Microsoft-Windows-CAPI2 | ID = 131329 Description = [ Media Center Events ] Error - 16.04.2008 03:01:11 | Computer Name = Gülcem-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight gescheitert. Error - 18.04.2008 08:34:17 | Computer Name = Gülcem-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight gescheitert. [ OSession Events ] Error - 05.04.2011 17:53:52 | Computer Name = Gülcem-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 212 seconds with 180 seconds of active time. This session ended with a crash. Error - 08.05.2011 17:37:19 | Computer Name = Gülcem-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 207 seconds with 60 seconds of active time. This session ended with a crash. Error - 27.11.2011 16:26:19 | Computer Name = Gülcem-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 3381 seconds with 1920 seconds of active time. This session ended with a crash. Error - 13.12.2011 04:11:37 | Computer Name = Gülcem-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 752 seconds with 720 seconds of active time. This session ended with a crash. 
Error - 27.03.2012 17:26:18 | Computer Name = Gülcem-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 74 seconds with 60 seconds of active time. This session ended with a crash. Error - 28.03.2012 14:01:45 | Computer Name = Gülcem-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 247 seconds with 180 seconds of active time. This session ended with a crash. Error - 29.03.2012 15:23:59 | Computer Name = Gülcem-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 68 seconds with 60 seconds of active time. This session ended with a crash. Error - 08.04.2012 19:08:19 | Computer Name = Gülcem-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 8077 seconds with 60 seconds of active time. This session ended with a crash. Error - 10.04.2012 05:50:54 | Computer Name = Gülcem-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 40758 seconds with 0 seconds of active time. This session ended with a crash. Error - 04.05.2012 15:26:48 | Computer Name = Gülcem-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. 
This session lasted 45296 seconds with 1260 seconds of active time. This session ended with a crash. [ System Events ] Error - 06.10.2012 18:38:26 | Computer Name = Gülcem-PC | Source = Service Control Manager | ID = 7022 Description = Error - 06.10.2012 18:39:34 | Computer Name = Gülcem-PC | Source = WinDefend | ID = 2004 Description = Beim Laden der Signaturen wurde von %%827 ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte Signaturen: %%824 Fehlercode: 0x8050a001 Fehlerbeschreibung: Das Programm kann keine Definitionsdateien finden, die dazu dienen, unerwünschte Software zu erkennen. Überprüfen Sie, ob aktualisierte Definitionsdateien vorhanden sind, und versuchen Sie es dann erneut. Weitere Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". Ladende Signaturen: %%825 Ladene Signaturversion: 1.137.876.0 Ladende Modulversion: 1.1.8800.0 Error - 06.10.2012 18:45:58 | Computer Name = Gülcem-PC | Source = WinDefend | ID = 2004 Description = Beim Laden der Signaturen wurde von %%827 ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte Signaturen: %%824 Fehlercode: 0x8050a001 Fehlerbeschreibung: Das Programm kann keine Definitionsdateien finden, die dazu dienen, unerwünschte Software zu erkennen. Überprüfen Sie, ob aktualisierte Definitionsdateien vorhanden sind, und versuchen Sie es dann erneut. Weitere Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". 
Ladende Signaturen: %%825 Ladene Signaturversion: 1.137.876.0 Ladende Modulversion: 1.1.8800.0 Error - 06.10.2012 18:46:33 | Computer Name = Gülcem-PC | Source = Service Control Manager | ID = 7000 Description = Error - 06.10.2012 18:46:56 | Computer Name = Gülcem-PC | Source = Service Control Manager | ID = 7026 Description = Error - 07.10.2012 03:34:00 | Computer Name = Gülcem-PC | Source = Service Control Manager | ID = 7000 Description = Error - 07.10.2012 03:34:00 | Computer Name = Gülcem-PC | Source = Service Control Manager | ID = 7026 Description = Error - 07.10.2012 03:35:49 | Computer Name = Gülcem-PC | Source = Service Control Manager | ID = 7009 Description = Error - 07.10.2012 03:36:54 | Computer Name = Gülcem-PC | Source = Service Control Manager | ID = 7009 Description = Error - 07.10.2012 03:36:54 | Computer Name = Gülcem-PC | Source = Service Control Manager | ID = 7000 Description = < End of report >
How do I get rid of the viruses? Thanks in advance! Best regards, Özi |
07.10.2012, 12:14 | #2 | |
/// TB trainer | Austrian Police Virus after Movie2k Film
My name is Matthias and I will help you clean up your computer. Please note the following:
Quote:
Among other things, you are infected with a trojan that monitors online banking and other online transactions and spies on data. In future, stay away from illegal sites (such as the one you mentioned), then you won't get problems like this.
Step 1
Step 2 Please download Avira RegistryCleaner to your desktop.
Step 3 I don't see any running antivirus software in the log files. That is dangerous. Sometimes you notice malware through pop-ups or Google redirects etc., but mostly it runs unnoticed in the background. An AVP can help you find malware. Please download and install one of the following AVPs.
Step 4
Step 5 Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report. Please download TDSSKiller.exe and save this file to your desktop.
Please post with your next reply
Edited by M-K-D-B (07.10.2012 at 12:31) |
08.10.2012, 22:07 | #3 |
| Austrian Police Virus after Movie2k Film
Hello Matthias,
I followed all your steps. There were no problems except for avast, but then I got Microsoft Security Essentials. Here is the report from TDSSKiller: Code:
ATTFilter 23:05:22.0747 3668 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 23:05:22.0857 3668 ============================================================ 23:05:22.0857 3668 Current date / time: 2012/10/08 23:05:22.0857 23:05:22.0857 3668 SystemInfo: 23:05:22.0857 3668 23:05:22.0857 3668 OS Version: 6.0.6002 ServicePack: 2.0 23:05:22.0857 3668 Product type: Workstation 23:05:22.0857 3668 ComputerName: GÜLCEM-PC 23:05:22.0857 3668 UserName: Gülcem 23:05:22.0857 3668 Windows directory: C:\Windows 23:05:22.0857 3668 System windows directory: C:\Windows 23:05:22.0857 3668 Processor architecture: Intel x86 23:05:22.0857 3668 Number of processors: 2 23:05:22.0857 3668 Page size: 0x1000 23:05:22.0857 3668 Boot type: Normal boot 23:05:22.0857 3668 ============================================================ 23:05:32.0669 3668 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 23:05:32.0731 3668 ============================================================ 23:05:32.0731 3668 \Device\Harddisk0\DR0: 23:05:32.0778 3668 MBR partitions: 23:05:32.0778 3668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12A0800, BlocksNum 0x11778800 23:05:32.0778 3668 ============================================================ 23:05:33.0199 3668 C: <-> \Device\Harddisk0\DR0\Partition1 23:05:33.0199 3668 ============================================================ 23:05:33.0199 3668 Initialize success 23:05:33.0199 3668 ============================================================ 23:05:40.0240 4144 ============================================================ 23:05:40.0240 4144 Scan started 23:05:40.0240 4144 Mode: Manual; 23:05:40.0240 4144 ============================================================ 23:05:52.0736 4144 ================ Scan system memory ======================== 23:05:52.0736 4144 System memory - ok 23:05:52.0736 4144 ================ 
Scan services ============================= 23:05:53.0750 4144 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 23:05:53.0765 4144 ACDaemon - ok 23:05:59.0350 4144 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 23:05:59.0366 4144 ACPI - ok 23:05:59.0943 4144 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 23:06:00.0380 4144 adp94xx - ok 23:06:00.0442 4144 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys 23:06:00.0504 4144 adpahci - ok 23:06:00.0598 4144 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 23:06:00.0801 4144 adpu160m - ok 23:06:00.0848 4144 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys 23:06:01.0050 4144 adpu320 - ok 23:06:01.0269 4144 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 23:06:01.0331 4144 AeLookupSvc - ok 23:06:01.0799 4144 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\Windows\system32\drivers\Afc.sys 23:06:01.0940 4144 Afc - ok 23:06:02.0267 4144 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 23:06:02.0532 4144 AFD - ok 23:06:02.0938 4144 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys 23:06:02.0985 4144 agp440 - ok 23:06:03.0375 4144 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 23:06:03.0484 4144 aic78xx - ok 23:06:03.0640 4144 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 23:06:03.0671 4144 ALG - ok 23:06:03.0905 4144 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys 23:06:04.0061 4144 aliide - ok 23:06:04.0326 4144 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys 23:06:04.0373 4144 amdagp - ok 23:06:04.0467 4144 [ 0577DF1D323FE75A739C787893D300EA ] amdide 
C:\Windows\system32\drivers\amdide.sys 23:06:04.0576 4144 amdide - ok 23:06:04.0654 4144 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 23:06:04.0685 4144 AmdK7 - ok 23:06:04.0950 4144 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 23:06:05.0216 4144 AmdK8 - ok 23:06:05.0403 4144 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys 23:06:05.0434 4144 androidusb - ok 23:06:05.0684 4144 [ 7C2F57BCE81FA74933F0E1C84A97C9DB ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 23:06:05.0793 4144 ApfiltrService - ok 23:06:06.0214 4144 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 23:06:06.0323 4144 Appinfo - ok 23:06:07.0041 4144 [ 7E94E567C1AA5ABE6174032B3DAB6C23 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 23:06:07.0337 4144 Apple Mobile Device - ok 23:06:07.0431 4144 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys 23:06:07.0431 4144 arc - ok 23:06:07.0665 4144 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys 23:06:07.0743 4144 arcsas - ok 23:06:08.0117 4144 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 23:06:08.0133 4144 AsyncMac - ok 23:06:08.0195 4144 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys 23:06:08.0195 4144 atapi - ok 23:06:08.0897 4144 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 23:06:09.0272 4144 AudioEndpointBuilder - ok 23:06:10.0005 4144 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 23:06:10.0020 4144 Audiosrv - ok 23:06:11.0721 4144 [ 7CC8CD6F86054C563E47E7F063CE7A61 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe 23:06:12.0485 4144 Autodesk Licensing Service - ok 23:06:13.0406 4144 [ 
01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE 23:06:13.0593 4144 BBSvc - ok 23:06:14.0529 4144 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE 23:06:15.0168 4144 BBUpdate - ok 23:06:15.0543 4144 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 23:06:15.0652 4144 Beep - ok 23:06:16.0323 4144 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 23:06:16.0853 4144 BFE - ok 23:06:17.0072 4144 [ ACC9C8C560C567FAD6F79C977AB2EA09 ] bgsvcgen C:\Windows\System32\bgsvcgen.exe 23:06:17.0571 4144 bgsvcgen - ok 23:06:17.0914 4144 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll 23:06:18.0320 4144 BITS - ok 23:06:18.0335 4144 blbdrive - ok 23:06:18.0382 4144 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 23:06:18.0460 4144 bowser - ok 23:06:18.0522 4144 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 23:06:18.0663 4144 BrFiltLo - ok 23:06:18.0710 4144 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 23:06:18.0725 4144 BrFiltUp - ok 23:06:19.0053 4144 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 23:06:19.0599 4144 Browser - ok 23:06:19.0692 4144 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 23:06:19.0739 4144 Brserid - ok 23:06:19.0942 4144 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 23:06:20.0082 4144 BrSerWdm - ok 23:06:20.0223 4144 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 23:06:20.0332 4144 BrUsbMdm - ok 23:06:20.0379 4144 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 23:06:20.0457 4144 BrUsbSer - ok 23:06:20.0550 4144 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 23:06:20.0566 
[ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 23:07:43.0377 4144 TermDD - ok 23:07:43.0580 4144 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 23:07:43.0689 4144 TermService - ok 23:07:43.0736 4144 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 23:07:43.0736 4144 Themes - ok 23:07:43.0783 4144 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 23:07:43.0783 4144 THREADORDER - ok 23:07:43.0861 4144 [ 7C7445B4C2BD46C56ABB3499DA52B75C ] ti21sony C:\Windows\system32\drivers\ti21sony.sys 23:07:44.0017 4144 ti21sony - ok 23:07:44.0220 4144 [ 76148C3159718B701252F87B067904A6 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 23:07:44.0344 4144 TOSHIBA Bluetooth Service - ok 23:07:44.0500 4144 [ E362D54FD394999C4178936396664E57 ] toshidpt C:\Windows\system32\drivers\Toshidpt.sys 23:07:44.0532 4144 toshidpt - ok 23:07:44.0594 4144 [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys 23:07:44.0703 4144 tosporte - ok 23:07:44.0922 4144 [ B758FDA2E4389DC41688E4B8CEE832A0 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys 23:07:44.0984 4144 tosrfbd - ok 23:07:45.0187 4144 [ 90C8525BC578AAFFE87C2D0ED4379E9E ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys 23:07:45.0218 4144 tosrfbnp - ok 23:07:45.0374 4144 [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys 23:07:45.0468 4144 Tosrfcom - ok 23:07:45.0530 4144 [ 28099A4E52148319AFA685D93A2244D0 ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys 23:07:45.0577 4144 Tosrfhid - ok 23:07:45.0764 4144 [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys 23:07:45.0780 4144 tosrfnds - ok 23:07:46.0060 4144 [ 7C0999169EF696F10761BF8275027330 ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys 23:07:46.0092 4144 TosRfSnd - ok 23:07:46.0216 4144 [ 
20CC46C5D3326122E1A0A8C9DAD00E0D ] tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys 23:07:46.0248 4144 tosrfusb - ok 23:07:46.0372 4144 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 23:07:46.0575 4144 TrkWks - ok 23:07:46.0778 4144 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 23:07:46.0778 4144 TrustedInstaller - ok 23:07:47.0043 4144 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 23:07:47.0090 4144 tssecsrv - ok 23:07:47.0246 4144 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 23:07:47.0293 4144 tunmp - ok 23:07:47.0402 4144 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 23:07:47.0558 4144 tunnel - ok 23:07:47.0667 4144 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 23:07:47.0714 4144 uagp35 - ok 23:07:47.0901 4144 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 23:07:47.0995 4144 udfs - ok 23:07:48.0198 4144 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 23:07:48.0229 4144 UI0Detect - ok 23:07:48.0291 4144 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 23:07:48.0338 4144 uliagpkx - ok 23:07:48.0447 4144 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys 23:07:48.0666 4144 uliahci - ok 23:07:48.0759 4144 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 23:07:48.0900 4144 UlSata - ok 23:07:49.0040 4144 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 23:07:49.0071 4144 ulsata2 - ok 23:07:49.0165 4144 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 23:07:49.0180 4144 umbus - ok 23:07:49.0336 4144 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 23:07:49.0399 4144 upnphost - ok 
23:07:49.0430 4144 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 23:07:49.0477 4144 usbccgp - ok 23:07:49.0508 4144 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 23:07:49.0508 4144 usbcir - ok 23:07:49.0586 4144 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 23:07:49.0695 4144 usbehci - ok 23:07:49.0804 4144 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 23:08:13.0860 4144 usbhub - ok 23:08:13.0891 4144 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 23:08:13.0938 4144 usbohci - ok 23:08:14.0016 4144 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 23:08:14.0016 4144 usbprint - ok 23:08:14.0062 4144 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 23:08:14.0078 4144 usbscan - ok 23:08:14.0187 4144 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:08:14.0250 4144 USBSTOR - ok 23:08:14.0328 4144 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 23:08:14.0328 4144 usbuhci - ok 23:08:14.0421 4144 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 23:08:14.0562 4144 usbvideo - ok 23:08:14.0702 4144 [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 23:08:14.0780 4144 usb_rndisx - ok 23:08:14.0858 4144 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 23:08:14.0889 4144 UxSms - ok 23:08:15.0123 4144 [ 4E9C6BF8D0655BB7538088DC6F2306D9 ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe 23:08:15.0201 4144 VAIO Entertainment TV Device Arbitration Service - ok 23:08:15.0685 4144 [ 3587947466E8E9256DB05ABE3A9D398F ] VAIO 
Event Service C:\Program Files\Sony\VAIO Event Service\VESMgr.exe 23:08:15.0903 4144 VAIO Event Service - ok 23:08:17.0416 4144 [ 88DC6B884824A578B0E1E9C3790C105B ] VAIOMediaPlatform-IntegratedServer-AppServer C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe 23:08:20.0490 4144 VAIOMediaPlatform-IntegratedServer-AppServer - ok 23:08:20.0802 4144 [ 56E33AAA46CBA8431E72486196AFB3A1 ] VAIOMediaPlatform-IntegratedServer-HTTP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe 23:08:20.0926 4144 VAIOMediaPlatform-IntegratedServer-HTTP - ok 23:08:21.0363 4144 [ ADDF0E4E19BD2FF0A0B852D324FDC281 ] VAIOMediaPlatform-IntegratedServer-UPnP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe 23:08:21.0566 4144 VAIOMediaPlatform-IntegratedServer-UPnP - ok 23:08:21.0940 4144 [ 52D4F568FE7D05AE5026B8717EEB59EB ] VAIOMediaPlatform-UCLS-AppServer C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe 23:08:22.0268 4144 VAIOMediaPlatform-UCLS-AppServer - ok 23:08:22.0455 4144 [ 56E33AAA46CBA8431E72486196AFB3A1 ] VAIOMediaPlatform-UCLS-HTTP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe 23:08:22.0471 4144 VAIOMediaPlatform-UCLS-HTTP - ok 23:08:22.0783 4144 [ ADDF0E4E19BD2FF0A0B852D324FDC281 ] VAIOMediaPlatform-UCLS-UPnP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe 23:08:22.0798 4144 VAIOMediaPlatform-UCLS-UPnP - ok 23:08:22.0908 4144 Vcsw - ok 23:08:23.0126 4144 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 23:08:23.0235 4144 vds - ok 23:08:23.0454 4144 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 23:08:23.0516 4144 vga - ok 23:08:23.0625 4144 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 23:08:23.0656 4144 VgaSave - ok 23:08:23.0688 4144 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys 23:08:23.0797 4144 viaagp - ok 23:08:23.0875 4144 [ 
56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys 23:08:23.0968 4144 ViaC7 - ok 23:08:24.0015 4144 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys 23:08:24.0062 4144 viaide - ok 23:08:24.0109 4144 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 23:08:24.0124 4144 volmgr - ok 23:08:24.0327 4144 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 23:08:24.0452 4144 volmgrx - ok 23:08:24.0561 4144 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys 23:08:24.0561 4144 volsnap - ok 23:08:24.0733 4144 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 23:08:24.0811 4144 vsmraid - ok 23:08:25.0216 4144 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 23:08:25.0232 4144 VSS - ok 23:08:25.0575 4144 [ 5FEB20D9ED9A2BD4F234222B0A3BB855 ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 23:08:26.0012 4144 VzCdbSvc - ok 23:08:26.0121 4144 [ 3757DFD3C07896EF660D4060366E7B4E ] VzFw C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe 23:08:26.0402 4144 VzFw - ok 23:08:26.0496 4144 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 23:08:26.0636 4144 W32Time - ok 23:08:26.0667 4144 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 23:08:26.0745 4144 WacomPen - ok 23:08:26.0839 4144 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 23:08:26.0948 4144 Wanarp - ok 23:08:26.0979 4144 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 23:08:26.0979 4144 Wanarpv6 - ok 23:08:27.0182 4144 [ 779F9C90D3FE9C70B6FFD8EF035F3E83 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 23:08:27.0354 4144 WcesComm - ok 23:08:27.0556 4144 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc 
C:\Windows\System32\wcncsvc.dll 23:08:27.0650 4144 wcncsvc - ok 23:08:27.0806 4144 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:08:27.0837 4144 WcsPlugInService - ok 23:08:27.0993 4144 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys 23:08:28.0009 4144 Wd - ok 23:08:28.0180 4144 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:08:28.0414 4144 Wdf01000 - ok 23:08:28.0461 4144 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:08:28.0508 4144 WdiServiceHost - ok 23:08:28.0524 4144 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 23:08:28.0524 4144 WdiSystemHost - ok 23:08:28.0726 4144 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 23:08:28.0945 4144 WebClient - ok 23:08:28.0992 4144 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 23:08:29.0038 4144 Wecsvc - ok 23:08:29.0085 4144 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 23:08:29.0132 4144 wercplsupport - ok 23:08:29.0226 4144 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 23:08:29.0288 4144 WerSvc - ok 23:08:29.0475 4144 [ 6D2350BB6E77E800FC4BE4E5B7A2E89A ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys 23:08:29.0772 4144 winachsf - ok 23:08:29.0990 4144 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 23:08:30.0099 4144 WinDefend - ok 23:08:30.0115 4144 WinHttpAutoProxySvc - ok 23:08:30.0442 4144 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 23:08:30.0442 4144 Winmgmt - ok 23:08:30.0801 4144 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 23:08:31.0020 4144 WinRM - ok 23:08:31.0285 4144 [ 676F4B665BDD8053EAA53AC1695B8074 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys 23:08:31.0316 4144 WinUSB - ok 
23:08:31.0456 4144 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 23:08:31.0628 4144 Wlansvc - ok 23:08:32.0455 4144 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 23:08:33.0157 4144 wlidsvc - ok 23:08:33.0250 4144 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 23:08:33.0328 4144 WmiAcpi - ok 23:08:33.0500 4144 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:08:33.0500 4144 wmiApSrv - ok 23:08:33.0952 4144 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 23:08:34.0311 4144 WMPNetworkSvc - ok 23:08:34.0467 4144 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:08:34.0810 4144 WPCSvc - ok 23:08:34.0998 4144 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:08:35.0044 4144 WPDBusEnum - ok 23:08:35.0107 4144 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 23:08:35.0138 4144 WpdUsb - ok 23:08:35.0949 4144 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 23:08:36.0199 4144 WPFFontCache_v0400 - ok 23:08:36.0261 4144 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:08:36.0292 4144 ws2ifsl - ok 23:08:36.0339 4144 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 23:08:36.0433 4144 wscsvc - ok 23:08:36.0448 4144 WSearch - ok 23:08:36.0792 4144 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 23:08:37.0260 4144 wuauserv - ok 23:08:37.0353 4144 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:08:37.0416 4144 wudfsvc - ok 23:08:37.0478 4144 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys 23:08:37.0478 4144 XAudio - ok 
23:08:37.0712 4144 ================ Scan global ===============================
23:08:38.0492 4144 [Global] - ok
23:08:38.0492 4144 ================ Scan MBR ==================================
23:08:44.0348 4144 \Device\Harddisk0\DR0 - ok
23:08:44.0348 4144 ================ Scan VBR ==================================
23:08:44.0458 4144 \Device\Harddisk0\DR0\Partition1 - ok
23:08:44.0458 4144 ============================================================
23:08:44.0458 4144 Scan finished
23:08:44.0458 4144 ============================================================
23:08:44.0458 3656 Detected object count: 0
23:08:44.0458 3656 Actual detected object count: 0

Oh, and about the hard drive: I copied my pictures and video folders completely to an external hard drive. Could there have been viruses in there too? If so, how do I get them off my external hard drive? Thanks for your help. Regards, Özi |
09.10.2012, 09:36 | #4 | |||
/// TB-Ausbilder | Austrian Police Virus after Movie2k Film Hello, Quote:
Quote:
But first, this is how we continue: Combofix should only be run when a team member has instructed you to do so! Please download Combofix from the following download mirror: Link 1. IMPORTANT - Save Combofix to your desktop.
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
|
12.10.2012, 19:11 | #5 |
/// TB-Ausbilder | Austrian Police Virus after Movie2k Film No response. This thread has been removed from my subscriptions, so I will not be notified of new replies. Send me a PM if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is clean. Everyone else, please click here and create your own thread! |