|
Pests of all kinds and how to fight them: Laptop mouse moves and clicks around wildly. Screen rotates by 90 degrees. Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
14.11.2012, 12:42 | #1 |
| Laptop mouse moves and clicks around wildly. Screen rotates by 90 degrees. Hey everyone, my girlfriend had a creepy experience with her laptop yesterday. While she was looking at photos, the mouse suddenly started moving by itself and clicking on files. Shortly afterwards the screen also rotated by 90 degrees. When I got to her place, I first switched off the internet and ran AntiVir. No success, nothing found. How should I proceed? Regards, AbsolutStorm |
14.11.2012, 12:44 | #2 |
/// Malwareteam | Laptop mouse moves and clicks around wildly. Screen rotates by 90 degrees. To allow a more detailed analysis, please follow this link:
__________________ To everyone seeking help! What do I need to consider before opening a thread? Note: Post the generated log files here in your thread - do not create a new one! If antivirus software that is already installed has reported detections: be sure to attach the corresponding log files!
__________________ |
14.11.2012, 15:48 | #3 |
| Laptop mouse moves and clicks around wildly. Screen rotates by 90 degrees. Extras.txt:
__________________Code:
ATTFilter OTL Extras logfile created on: 14.11.2012 14:54:42 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nici\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1013,00 Mb Total Physical Memory | 348,46 Mb Available Physical Memory | 34,40% Memory free 1,99 Gb Paging File | 1,17 Gb Available in Paging File | 58,61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 225,72 Gb Total Space | 155,59 Gb Free Space | 68,93% Space Free | Partition Type: NTFS Computer Name: NICI-VAIO | User Name: Nici | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2C52367C-D6DF-46E9-8EE7-17FBBFCB2D0F}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | "{45698980-05D2-443B-A2D7-6E2A6A9B648D}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | 
"{65470038-5AA0-41D5-B458-AF94C4AF4FC2}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | "{CC069ECB-A4DC-4D1C-A9CA-3D89D6240DAF}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0C1248EE-C474-4531-A565-1307CE8DC588}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe | "{19E9B155-86B4-44CB-8ACC-965F8DDAE951}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe | "{208F5465-8FB2-4AD6-BCE6-35CEC554B402}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe | "{34292A6A-01E3-4E47-AE34-65A87BBB7267}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{34B7963F-5DE1-46D3-B3F3-4EA7FDA4D4A3}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe | "{690D9598-66D2-43BA-8F3B-0D7CB66173CE}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe | "{83836B70-FE5C-464F-A33C-B55F260101C4}" = dir=in | app=c:\program files\itunes\itunes.exe | "{8E447E8D-AD43-4C71-8557-59DB7813C111}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe | "{9EF1831A-CA76-4157-8BD8-B83F4FF5FB17}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe | "{AB90287C-C627-41C4-B0B4-13B6303429F1}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe | "{AE6A0C8D-094E-4F92-9EA2-F85A71122DA0}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe | "{B94861DF-175A-4546-AAF1-1990DA458202}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe | "{B9C74A0A-23F0-431A-A912-F9C28B89FDD3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{C9EF96A1-F4BD-4BA0-9D05-5C7D304F5345}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR "{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33 "{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer "{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library "{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool "{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care "{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager "{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56BA241F-580C-43D2-8403-947241AAE633}" = center "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update 5 "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen 
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings "{70991E0A-1108-437E-BA7D-085702C670C0}" = "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2 "{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform "{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver "{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library "{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = 
VAIO Content Metadata Intelligent Analyzing Manager "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default "{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials "{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service "{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library "{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq "{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3 "{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English "{EA5F34F3-3911-B4DB-63CA-1E44B2AB13A1}" = Adobe Download Assistant "{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "BFEE6FC237B51D7CD2E0A40D81E188A6ED95001F" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "HDMI" = Intel(R) Graphics Media Accelerator Driver "MarketingTools" = VAIO Marketing Tools "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language 
Pack "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "SynTPDeinstKey" = Synaptics Pointing Device Driver "VAIO Help and Support" = "VAIO Premium Partners" = VAIO Premium Partners ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08.10.2012 13:30:50 | Computer Name = Nici-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 17.10.2012 12:55:15 | Computer Name = Nici-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA}) (Fehlercode = 0x80042000) Error - 17.10.2012 12:55:16 | Computer Name = Nici-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 17.10.2012 13:05:28 | Computer Name = Nici-VAIO | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error - 17.10.2012 13:46:52 | Computer Name = Nici-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA}) (Fehlercode = 0x80042000) Error - 17.10.2012 13:46:53 | Computer Name = Nici-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. 
(GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 18.10.2012 11:12:16 | Computer Name = Nici-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA}) (Fehlercode = 0x80042000) Error - 18.10.2012 11:12:19 | Computer Name = Nici-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error - 18.10.2012 13:48:37 | Computer Name = Nici-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA}) (Fehlercode = 0x80042000) Error - 18.10.2012 13:48:38 | Computer Name = Nici-VAIO | Source = VzCdbSvc | ID = 7 Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) [ System Events ] Error - 17.10.2012 12:55:50 | Computer Name = Nici-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error - 17.10.2012 13:47:26 | Computer Name = Nici-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error - 18.10.2012 11:12:47 | Computer Name = Nici-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error - 18.10.2012 13:49:12 | Computer Name = Nici-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error - 24.10.2012 03:54:45 | Computer Name = Nici-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error - 24.10.2012 04:02:38 | Computer Name = Nici-VAIO | 
Source = DCOM | ID = 10005 Description = Error - 24.10.2012 04:02:38 | Computer Name = Nici-VAIO | Source = Service Control Manager | ID = 7038 Description = Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error - 24.10.2012 04:02:38 | Computer Name = Nici-VAIO | Source = Service Control Manager | ID = 7000 Description = Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error - 29.10.2012 09:32:04 | Computer Name = Nici-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error - 30.10.2012 04:58:04 | Computer Name = Nici-VAIO | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom < End of report > Code:
ATTFilter OTL logfile created on: 14.11.2012 14:54:42 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nici\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1013,00 Mb Total Physical Memory | 348,46 Mb Available Physical Memory | 34,40% Memory free 1,99 Gb Paging File | 1,17 Gb Available in Paging File | 58,61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 225,72 Gb Total Space | 155,59 Gb Free Space | 68,93% Space Free | Partition Type: NTFS Computer Name: NICI-VAIO | User Name: Nici | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.11.14 14:42:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nici\Desktop\OTL.exe PRC - [2012.08.08 10:55:02 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.07.10 11:18:21 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\Marketing Tools\MarketingTools.exe PRC - [2012.06.19 12:44:22 | 000,777,728 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe PRC - [2012.06.18 20:13:46 | 000,394,712 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\AiO\Center\EKAiOHostService.exe PRC - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.04.24 01:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.01.04 13:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE PRC - [2011.10.01 07:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 07:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.07.16 05:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.09.02 14:23:28 | 001,638,400 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe PRC - [2010.03.08 10:04:04 | 001,865,072 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Smart Network\VSNClient.exe PRC - [2010.03.08 10:04:04 | 000,696,320 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe PRC - [2009.11.30 18:19:58 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe PRC - [2009.11.30 18:19:58 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2009.10.30 08:50:30 | 001,312,112 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe PRC - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- c:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2009.10.24 02:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBVolumeWatcher.exe PRC - [2009.10.21 03:49:54 | 000,029,552 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VAIOCareService.exe PRC - 
[2009.10.19 06:12:16 | 000,574,320 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCsystray.exe PRC - [2009.09.14 18:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2009.09.14 17:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2009.09.04 11:43:40 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2009.09.04 11:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe PRC - [2009.08.26 18:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\ISB Utility\ISBMgr.exe PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe ========== Modules (No Company Name) ========== MOD - [2012.07.14 09:59:19 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b7a7f9c607e09bfa03c07b5ff3a8ae3\System.ServiceProcess.ni.dll MOD - [2012.07.14 09:55:13 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll MOD - [2012.07.14 09:54:33 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll MOD - [2012.07.14 09:51:41 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll MOD - [2012.07.14 09:51:20 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll 
MOD - [2012.07.14 09:50:51 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll MOD - [2012.07.14 09:50:10 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll MOD - [2012.07.10 11:41:05 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2012.05.30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012.05.30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ========== Services (SafeList) ========== SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.06.19 12:44:22 | 000,777,728 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Programme\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service) SRV - [2012.06.18 20:13:46 | 000,394,712 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Programme\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service) SRV - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.01.04 13:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc) SRV - [2011.10.01 07:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 07:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010.03.08 10:04:04 | 000,696,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService) SRV - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 20:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2009.12.16 18:11:44 | 000,513,392 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2009.11.30 18:19:58 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2009.10.30 08:50:32 | 000,669,040 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent) SRV - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe -- 
(PMBDeviceInfoProvider) SRV - [2009.10.15 15:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2009.10.15 15:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr) SRV - [2009.10.15 15:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2009.10.15 15:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2009.10.15 15:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr) SRV - [2009.09.16 22:28:42 | 000,122,880 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector) SRV - [2009.09.16 12:27:12 | 000,480,624 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2009.09.14 18:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2009.09.14 18:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2009.09.14 17:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2009.09.08 17:09:14 | 000,083,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony 
Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper) SRV - [2009.09.04 11:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009.09.01 20:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) ========== Driver Services (SafeList) ========== DRV - [2012.04.27 09:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.04.24 23:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.04.16 20:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.10.01 07:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol) DRV - [2011.10.01 07:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir) DRV - [2011.10.01 07:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay) DRV - [2011.10.01 07:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs) DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- 
C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.02.19 21:28:10 | 000,130,672 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2009.12.28 06:55:35 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt) DRV - [2009.12.17 04:13:01 | 000,092,272 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME) DRV - [2009.12.01 21:16:52 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony.msn.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{43FF4C07-D2D9-438E-9130-B1F2F59B53CC}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search IE - HKCU\..\SearchScopes\{D34C818F-F6E9-47F8-A8A5-FC6E0E211FF3}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363 IE - HKCU\..\SearchScopes\{E6E0ECFE-32A3-47C8-B0F3-CF969141FFD9}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} IE - 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nici\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nici\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
========== Chrome ========== CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Nici\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nici\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nici\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 6 U33 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\system32\npdeployJava1.dll CHR - plugin: Google Update (Enabled) = C:\Users\Nici\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: YouTube = C:\Users\Nici\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Nici\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Nici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV 
Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... 
- C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Programme\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Programme\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{218198D2-E92D-4112-9E46-E5266B60D89A}: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O21 - 
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{fdd012d8-cb82-11e1-8422-5442497519a2}\Shell - "" = AutoRun O33 - MountPoints2\{fdd012d8-cb82-11e1-8422-5442497519a2}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.11.14 14:42:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Nici\Desktop\OTL.exe [2012.11.13 19:27:59 | 000,000,000 | ---D | C] -- C:\Users\Nici\Desktop\DM Fotos [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.11.14 14:51:31 | 000,000,000 | ---- | M] () -- C:\Users\Nici\defogger_reenable [2012.11.14 14:43:46 | 000,009,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.14 14:43:46 | 000,009,872 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.14 14:42:46 | 000,302,592 | ---- | M] () -- C:\Users\Nici\Desktop\wffdckbj.exe [2012.11.14 14:42:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nici\Desktop\OTL.exe [2012.11.14 14:42:11 | 000,050,477 | ---- | M] () -- C:\Users\Nici\Desktop\Defogger.exe [2012.11.14 14:41:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-732471312-2568886562-2223330888-1000UA.job [2012.11.14 14:35:50 | 000,067,584 | --S- | 
M] () -- C:\Windows\bootstat.dat [2012.11.14 14:35:35 | 796,655,616 | -HS- | M] () -- C:\hiberfil.sys [2012.11.13 19:40:34 | 000,654,610 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.11.13 19:40:34 | 000,616,452 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.11.13 19:40:34 | 000,130,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.11.13 19:40:34 | 000,106,574 | ---- | M] () -- C:\Windows\System32\perfc009.dat [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.14 14:51:31 | 000,000,000 | ---- | C] () -- C:\Users\Nici\defogger_reenable [2012.11.14 14:42:42 | 000,302,592 | ---- | C] () -- C:\Users\Nici\Desktop\wffdckbj.exe [2012.11.14 14:42:09 | 000,050,477 | ---- | C] () -- C:\Users\Nici\Desktop\Defogger.exe [2012.07.10 11:43:58 | 000,654,610 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2012.07.10 11:43:58 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2012.07.10 11:43:58 | 000,130,192 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2012.07.10 11:43:58 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2012.07.10 11:01:35 | 000,002,119 | ---- | C] () -- C:\Windows\System32\McOEMAppRules.dat ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] 
(Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.09.10 14:26:54 | 000,000,000 | ---D | M] -- C:\Users\Nici\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012.09.10 17:05:57 | 000,000,000 | ---D | M] -- C:\Users\Nici\AppData\Roaming\PDAppFlex [2012.07.10 17:43:08 | 000,000,000 | ---D | M] -- C:\Users\Nici\AppData\Roaming\SoftGrid Client [2012.09.10 17:39:48 | 000,000,000 | ---D | M] -- C:\Users\Nici\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.08.27 14:06:39 | 000,000,000 | ---D | M] -- C:\Users\Nici\AppData\Roaming\Temp [2012.07.10 16:46:28 | 000,000,000 | ---D | M] -- C:\Users\Nici\AppData\Roaming\TP ========== Purity Check ========== < End of report >
Regarding the GMER program: I either get an error message saying that the program has stopped working, or a bluescreen starting with 0x00000019 (I'm not sure exactly how many zeros there were) |
14.11.2012, 15:57 | #4 |
/// Malwareteam | Leave GMER aside for now... Step 1: aswMBR Please download aswMBR.exe and save the file to your desktop.
Step 2: Scan with TDSS-Killer Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report. Please download TDSSKiller.exe and save this file to the desktop.
__________________ No right of asylum for trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you satisfied with us? Then support the Trojaner-Board! |
14.11.2012, 16:35 | #5 |
| aswMBR.txt: Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software Run date: 2012-11-14 16:04:21 ----------------------------- 16:04:21.188 OS Version: Windows 6.1.7600 16:04:21.188 Number of processors: 2 586 0x1C0A 16:04:21.241 ComputerName: NICI-VAIO UserName: Nici 16:04:59.759 Initialize success 16:09:42.631 AVAST engine defs: 12111400 16:09:47.904 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 16:09:47.904 Disk 0 Vendor: WDC_WD2500BEVT-22A23T0 01.01A01 Size: 238475MB BusType: 3 16:09:47.935 Disk 0 MBR read successfully 16:09:47.935 Disk 0 MBR scan 16:09:48.138 Disk 0 Windows 7 default MBR code 16:09:48.153 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 7231 MB offset 2048 16:09:48.185 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 14811136 16:09:48.247 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 231142 MB offset 15015936 16:09:48.309 Disk 0 scanning sectors +488395120 16:09:48.465 Disk 0 scanning C:\Windows\system32\drivers 16:10:21.257 Service scanning 16:11:16.017 Modules scanning 16:11:29.699 Disk 0 trace - called modules: 16:11:29.730 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys 16:11:29.746 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x840ac420] 16:11:29.761 3 CLASSPNP.SYS[85dcb59e] -> nt!IofCallDriver -> [0x83c9e918] 16:11:29.777 5 ACPI.sys[85ea33b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x83c91610] 16:11:31.821 AVAST engine scan C:\Windows 16:11:36.501 AVAST engine scan C:\Windows\system32 16:19:34.304 AVAST engine scan C:\Windows\system32\drivers 16:20:00.472 AVAST engine scan C:\Users\Nici 16:30:17.629 AVAST engine scan C:\ProgramData 16:30:48.876 Scan finished successfully 16:31:03.806 Disk 0 MBR has been saved successfully to "C:\Users\Nici\Desktop\MBR.dat" 16:31:03.821 The log file has been saved successfully to "C:\Users\Nici\Desktop\aswMBR.txt" Code:
ATTFilter 16:49:47.0263 4932 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 16:49:47.0570 4932 ============================================================ 16:49:47.0571 4932 Current date / time: 2012/11/14 16:49:47.0570 16:49:47.0571 4932 SystemInfo: 16:49:47.0571 4932 16:49:47.0571 4932 OS Version: 6.1.7600 ServicePack: 0.0 16:49:47.0571 4932 Product type: Workstation 16:49:47.0572 4932 ComputerName: NICI-VAIO 16:49:47.0572 4932 UserName: Nici 16:49:47.0572 4932 Windows directory: C:\Windows 16:49:47.0572 4932 System windows directory: C:\Windows 16:49:47.0572 4932 Processor architecture: Intel x86 16:49:47.0573 4932 Number of processors: 2 16:49:47.0573 4932 Page size: 0x1000 16:49:47.0573 4932 Boot type: Normal boot 16:49:47.0573 4932 ============================================================ 16:49:49.0037 4932 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 16:49:49.0042 4932 ============================================================ 16:49:49.0042 4932 \Device\Harddisk0\DR0: 16:49:49.0043 4932 MBR partitions: 16:49:49.0043 4932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xE20000, BlocksNum 0x32000 16:49:49.0043 4932 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE52000, BlocksNum 0x1C373170 16:49:49.0043 4932 ============================================================ 16:49:49.0083 4932 C: <-> \Device\Harddisk0\DR0\Partition2 16:49:49.0083 4932 ============================================================ 16:49:49.0083 4932 Initialize success 16:49:49.0083 4932 ============================================================ 16:49:59.0104 3044 ============================================================ 16:49:59.0104 3044 Scan started 16:49:59.0104 3044 Mode: Manual; SigCheck; TDLFS; 16:49:59.0104 3044 ============================================================ 16:49:59.0942 3044 ================ 
Scan system memory ======================== 16:49:59.0942 3044 System memory - ok 16:49:59.0944 3044 ================ Scan services ============================= 16:50:00.0211 3044 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 16:50:00.0413 3044 1394ohci - ok 16:50:00.0500 3044 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 16:50:00.0564 3044 ACDaemon - ok 16:50:00.0612 3044 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\drivers\ACPI.sys 16:50:00.0658 3044 ACPI - ok 16:50:00.0682 3044 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 16:50:00.0767 3044 AcpiPmi - ok 16:50:00.0885 3044 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 16:50:00.0919 3044 AdobeARMservice - ok 16:50:00.0980 3044 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 16:50:01.0024 3044 adp94xx - ok 16:50:01.0070 3044 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys 16:50:01.0111 3044 adpahci - ok 16:50:01.0143 3044 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 16:50:01.0179 3044 adpu320 - ok 16:50:01.0229 3044 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 16:50:01.0311 3044 AeLookupSvc - ok 16:50:01.0369 3044 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys 16:50:01.0450 3044 AFD - ok 16:50:01.0483 3044 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 16:50:01.0515 3044 agp440 - ok 16:50:01.0556 3044 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys 16:50:01.0589 3044 aic78xx - ok 16:50:01.0658 3044 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 16:50:01.0721 3044 ALG - ok 16:50:01.0763 3044 [ 
0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 16:50:01.0796 3044 aliide - ok 16:50:01.0858 3044 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 16:50:01.0900 3044 amdagp - ok 16:50:01.0957 3044 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 16:50:01.0987 3044 amdide - ok 16:50:02.0021 3044 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 16:50:02.0077 3044 AmdK8 - ok 16:50:02.0109 3044 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 16:50:02.0143 3044 AmdPPM - ok 16:50:02.0183 3044 [ 2101A86C25C154F8314B24EF49D7FBC2 ] amdsata C:\Windows\system32\drivers\amdsata.sys 16:50:02.0216 3044 amdsata - ok 16:50:02.0260 3044 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 16:50:02.0297 3044 amdsbs - ok 16:50:02.0326 3044 [ B81C2B5616F6420A9941EA093A92B150 ] amdxata C:\Windows\system32\drivers\amdxata.sys 16:50:02.0364 3044 amdxata - ok 16:50:02.0441 3044 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 16:50:02.0479 3044 AntiVirSchedulerService - ok 16:50:02.0524 3044 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 16:50:02.0558 3044 AntiVirService - ok 16:50:02.0597 3044 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys 16:50:02.0707 3044 AppID - ok 16:50:02.0758 3044 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 16:50:02.0844 3044 AppIDSvc - ok 16:50:02.0869 3044 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll 16:50:02.0966 3044 Appinfo - ok 16:50:03.0033 3044 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 16:50:03.0062 3044 Apple Mobile Device - ok 16:50:03.0107 3044 
[ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys 16:50:03.0145 3044 arc - ok 16:50:03.0173 3044 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys 16:50:03.0208 3044 arcsas - ok 16:50:03.0243 3044 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 16:50:03.0327 3044 AsyncMac - ok 16:50:03.0357 3044 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 16:50:03.0388 3044 atapi - ok 16:50:03.0448 3044 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 16:50:03.0549 3044 AudioEndpointBuilder - ok 16:50:03.0581 3044 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll 16:50:03.0656 3044 Audiosrv - ok 16:50:03.0706 3044 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 16:50:03.0734 3044 avgntflt - ok 16:50:03.0772 3044 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 16:50:03.0802 3044 avipbb - ok 16:50:03.0825 3044 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 16:50:03.0851 3044 avkmgr - ok 16:50:03.0905 3044 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll 16:50:03.0997 3044 AxInstSV - ok 16:50:04.0063 3044 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys 16:50:04.0135 3044 b06bdrv - ok 16:50:04.0174 3044 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 16:50:04.0231 3044 b57nd60x - ok 16:50:04.0315 3044 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 16:50:04.0398 3044 BDESVC - ok 16:50:04.0417 3044 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 16:50:04.0506 3044 Beep - ok 16:50:04.0560 3044 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll 16:50:04.0650 3044 BFE - ok 16:50:04.0696 3044 [ 
53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll 16:50:04.0792 3044 BITS - ok 16:50:04.0833 3044 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 16:50:04.0868 3044 blbdrive - ok 16:50:04.0966 3044 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 16:50:05.0005 3044 Bonjour Service - ok 16:50:05.0053 3044 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 16:50:05.0125 3044 bowser - ok 16:50:05.0158 3044 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 16:50:05.0213 3044 BrFiltLo - ok 16:50:05.0234 3044 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 16:50:05.0287 3044 BrFiltUp - ok 16:50:05.0341 3044 [ 598E1280E7FF3744F4B8329366CC5635 ] Browser C:\Windows\System32\browser.dll 16:50:05.0411 3044 Browser - ok 16:50:05.0467 3044 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 16:50:05.0541 3044 Brserid - ok 16:50:05.0566 3044 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 16:50:05.0605 3044 BrSerWdm - ok 16:50:05.0626 3044 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 16:50:05.0674 3044 BrUsbMdm - ok 16:50:05.0686 3044 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 16:50:05.0736 3044 BrUsbSer - ok 16:50:05.0802 3044 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 16:50:05.0897 3044 BthEnum - ok 16:50:05.0939 3044 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 16:50:05.0995 3044 BTHMODEM - ok 16:50:06.0030 3044 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 16:50:06.0087 3044 BthPan - ok 16:50:06.0147 3044 [ 88059FF1DED4472ACD17EEBABD393069 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 
16:50:06.0224 3044 BTHPORT - ok 16:50:06.0283 3044 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 16:50:06.0367 3044 bthserv - ok 16:50:06.0392 3044 [ 80E6384BEEC03B8BD45EDEA29802D657 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 16:50:06.0451 3044 BTHUSB - ok 16:50:06.0508 3044 [ 92C5B845803F3662637EB691AC0B250F ] btusbflt C:\Windows\system32\drivers\btusbflt.sys 16:50:06.0535 3044 btusbflt - ok 16:50:06.0592 3044 [ CE5833C144CA6623BCBDE93B188AA850 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 16:50:06.0621 3044 btwaudio - ok 16:50:06.0643 3044 [ AF9148C3E844131AC954CB53FF43D971 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys 16:50:06.0669 3044 btwavdt - ok 16:50:06.0755 3044 [ F55C99818FD1EACFC7784958A8592536 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 16:50:06.0797 3044 btwdins - ok 16:50:06.0822 3044 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 16:50:06.0845 3044 btwl2cap - ok 16:50:06.0900 3044 [ 480B3D195854B2E55299CDDDDC50BCF9 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 16:50:06.0925 3044 btwrchid - ok 16:50:06.0958 3044 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 16:50:07.0043 3044 cdfs - ok 16:50:07.0099 3044 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 16:50:07.0147 3044 cdrom - ok 16:50:07.0199 3044 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll 16:50:07.0274 3044 CertPropSvc - ok 16:50:07.0298 3044 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys 16:50:07.0338 3044 circlass - ok 16:50:07.0372 3044 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 16:50:07.0410 3044 CLFS - ok 16:50:07.0467 3044 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:50:07.0497 3044 clr_optimization_v2.0.50727_32 - ok 
16:50:17.0200 3044 [ B5E53FCA219A6491E9A1BA146A5D2452 ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
16:50:17.0241 3044 Kodak AiO Status Monitor Service ( UnsignedFile.Multi.Generic ) - warning
16:50:17.0241 3044 Kodak AiO Status Monitor Service - detected UnsignedFile.Multi.Generic (1)
16:50:29.0931 3044 [ 5B33F64111F626A28026211DA65E6547 ] SampleCollector C:\Program Files\Sony\VAIO Care\collsvc.exe
16:50:29.0949 3044 SampleCollector ( UnsignedFile.Multi.Generic ) - warning
16:50:29.0949 3044 SampleCollector - detected UnsignedFile.Multi.Generic (1)
16:50:39.0110 3044 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
16:50:39.0127 3044 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
16:50:39.0127 3044 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
16:50:39.0743 3044 VcmXmlIfHelper - ok 16:50:39.0792 3044 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 16:50:39.0834 3044 vdrvroot - ok 16:50:39.0879 3044 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe 16:50:39.0945 3044 vds - ok 16:50:39.0974 3044 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:50:40.0013 3044 vga - ok 16:50:40.0040 3044 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 16:50:40.0113 3044 VgaSave - ok 16:50:40.0133 3044 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 16:50:40.0170 3044 vhdmp - ok 16:50:40.0199 3044 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 16:50:40.0233 3044 viaagp - ok 16:50:40.0245 3044 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys 16:50:40.0295 3044 ViaC7 - ok 16:50:40.0329 3044 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 16:50:40.0362 3044 viaide - ok 16:50:40.0387 3044 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:50:40.0423 3044 volmgr - ok 16:50:40.0447 3044 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:50:40.0487 3044 volmgrx - ok 16:50:40.0505 3044 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\Windows\system32\drivers\volsnap.sys 16:50:40.0548 3044 volsnap - ok 16:50:40.0573 3044 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 16:50:40.0616 3044 vsmraid - ok 16:50:40.0688 3044 [ B980371327236BDACB9580ABD14681BD ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 16:50:40.0726 3044 VSNService ( UnsignedFile.Multi.Generic ) - warning 16:50:40.0726 3044 VSNService - detected UnsignedFile.Multi.Generic (1) 16:50:40.0784 3044 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe 16:50:40.0881 3044 VSS 
- ok 16:50:40.0940 3044 [ DC719EF575518BCD7D229E898E306F35 ] VUAgent C:\Program Files\Sony\VAIO Update 5\VUAgent.exe 16:50:40.0984 3044 VUAgent - ok 16:50:41.0024 3044 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 16:50:41.0071 3044 vwifibus - ok 16:50:41.0099 3044 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 16:50:41.0141 3044 vwififlt - ok 16:50:41.0180 3044 [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 16:50:41.0197 3044 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning 16:50:41.0197 3044 VzCdbSvc - detected UnsignedFile.Multi.Generic (1) 16:50:41.0227 3044 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 16:50:41.0306 3044 W32Time - ok 16:50:41.0355 3044 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 16:50:41.0390 3044 WacomPen - ok 16:50:41.0414 3044 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 16:50:41.0484 3044 WANARP - ok 16:50:41.0498 3044 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:50:41.0568 3044 Wanarpv6 - ok 16:50:41.0638 3044 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe 16:50:41.0736 3044 wbengine - ok 16:50:41.0760 3044 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:50:41.0819 3044 WbioSrvc - ok 16:50:41.0869 3044 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:50:41.0926 3044 wcncsvc - ok 16:50:41.0953 3044 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:50:42.0040 3044 WcsPlugInService - ok 16:50:42.0082 3044 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys 16:50:42.0120 3044 Wd - ok 16:50:42.0157 3044 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 
C:\Windows\system32\drivers\Wdf01000.sys 16:50:42.0211 3044 Wdf01000 - ok 16:50:42.0247 3044 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:50:42.0293 3044 WdiServiceHost - ok 16:50:42.0305 3044 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:50:42.0356 3044 WdiSystemHost - ok 16:50:42.0411 3044 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\Windows\System32\webclnt.dll 16:50:42.0488 3044 WebClient - ok 16:50:42.0529 3044 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:50:42.0603 3044 Wecsvc - ok 16:50:42.0617 3044 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:50:42.0698 3044 wercplsupport - ok 16:50:42.0736 3044 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 16:50:42.0816 3044 WerSvc - ok 16:50:42.0862 3044 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 16:50:42.0936 3044 WfpLwf - ok 16:50:42.0963 3044 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:50:42.0997 3044 WIMMount - ok 16:50:43.0090 3044 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 16:50:43.0148 3044 WinDefend - ok 16:50:43.0164 3044 WinHttpAutoProxySvc - ok 16:50:43.0231 3044 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:50:43.0304 3044 Winmgmt - ok 16:50:43.0371 3044 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll 16:50:43.0486 3044 WinRM - ok 16:50:43.0552 3044 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 16:50:43.0591 3044 WinUsb - ok 16:50:43.0651 3044 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 16:50:43.0766 3044 Wlansvc - ok 16:50:43.0798 3044 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 16:50:43.0833 3044 WmiAcpi - ok 
16:50:43.0894 3044 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:50:43.0939 3044 wmiApSrv - ok 16:50:44.0009 3044 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 16:50:44.0121 3044 WMPNetworkSvc - ok 16:50:44.0166 3044 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:50:44.0230 3044 WPCSvc - ok 16:50:44.0253 3044 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:50:44.0318 3044 WPDBusEnum - ok 16:50:44.0341 3044 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:50:44.0429 3044 ws2ifsl - ok 16:50:44.0470 3044 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\Windows\System32\wscsvc.dll 16:50:44.0524 3044 wscsvc - ok 16:50:44.0536 3044 WSearch - ok 16:50:44.0629 3044 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 16:50:44.0762 3044 wuauserv - ok 16:50:44.0812 3044 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:50:44.0884 3044 WudfPf - ok 16:50:44.0908 3044 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:50:44.0983 3044 WUDFRd - ok 16:50:45.0045 3044 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:50:45.0132 3044 wudfsvc - ok 16:50:45.0163 3044 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 16:50:45.0217 3044 WwanSvc - ok 16:50:45.0262 3044 ================ Scan global =============================== 16:50:45.0313 3044 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll 16:50:45.0361 3044 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll 16:50:45.0383 3044 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll 16:50:45.0420 3044 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 16:50:45.0463 3044 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] 
C:\Windows\system32\services.exe
16:50:45.0474 3044 [Global] - ok
16:50:45.0475 3044 ================ Scan MBR ==================================
16:50:45.0492 3044 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:50:45.0899 3044 \Device\Harddisk0\DR0 - ok
16:50:45.0901 3044 ================ Scan VBR ==================================
16:50:45.0911 3044 [ D6847D140F921D03BCA35F0A5308CAF3 ] \Device\Harddisk0\DR0\Partition1
16:50:45.0915 3044 \Device\Harddisk0\DR0\Partition1 - ok
16:50:45.0954 3044 [ 0BC23C8990465867A17F191A4FCA82F8 ] \Device\Harddisk0\DR0\Partition2
16:50:45.0957 3044 \Device\Harddisk0\DR0\Partition2 - ok
16:50:45.0958 3044 ============================================================
16:50:45.0959 3044 Scan finished
16:50:45.0959 3044 ============================================================
16:50:45.0986 4264 Detected object count: 5
16:50:45.0986 4264 Actual detected object count: 5
16:51:19.0735 4264 Kodak AiO Status Monitor Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:51:19.0736 4264 Kodak AiO Status Monitor Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:51:19.0739 4264 SampleCollector ( UnsignedFile.Multi.Generic ) - skipped by user
16:51:19.0739 4264 SampleCollector ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:51:19.0743 4264 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:51:19.0743 4264 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:51:19.0747 4264 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
16:51:19.0747 4264 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:51:19.0751 4264 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:51:19.0752 4264 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
Edited by AbsolutStorm (14.11.2012 at 16:54) |
15.11.2012, 07:31 | #6 | ||
/// Malwareteam | Quote:
The tools we use here are not toys and can, in the worst case, make your computer unbootable - so please follow my instructions exactly!
Combofix
Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2
IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.
Note: If you receive the following error message after the restart Quote: |
15.11.2012, 15:02 | #7 |
| COMBOFIX.txt Code:
ComboFix 12-11-14.01 - Nici 15.11.2012 14:44:42.1.2 - x86
Microsoft Windows 7 Starter 6.1.7600.0.1252.49.1031.18.1013.184 [GMT 1:00]
ausgeführt von:: c:\users\Nici\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-10-15 bis 2012-11-15 ))))))))))))))))))))))))))))))
.
.
2012-11-15 13:56 . 2012-11-15 13:56 -------- d-----w- c:\users\Default\AppData\Local\temp
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-23 8120864]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-11-26 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-11-26 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-11-26 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-12-23 1578280]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2012-07-10 26624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2010-09-02 1638400]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-11-30 17:20 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [x]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [x]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [x]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\DRIVERS\JME.sys [x]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732471312-2568886562-2223330888-1000Core.job
- c:\users\Nici\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-10 11:24]
.
2012-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-732471312-2568886562-2223330888-1000UA.job
- c:\users\Nici\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-10 11:24]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://sony.msn.com
uInternet Settings,ProxyOverride = *.local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Conime - c:\windows\system32\conime.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(5620)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
.
Zeit der Fertigstellung: 2012-11-15 15:00:24
ComboFix-quarantined-files.txt 2012-11-15 14:00
.
Vor Suchlauf: 9 Verzeichnis(se), 168.111.554.560 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 168.053.354.496 Bytes frei
.
- - End Of File - - 7B2640662F19D753BB77FD20B78CD945 |
15.11.2012, 15:04 | #8 |
/// Malwareteam | Looks pretty good - let's check everything once more!
Step 1: Full MBAM scan
Please download Malwarebytes
Step 2: ESET
ESET Online Scanner
__________________ No right of asylum for Trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you satisfied with us? Then support the Trojaner-Board! |
15.11.2012, 18:59 | #9 |
| Code:
Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.11.15.07
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Nici :: NICI-VAIO [Administrator]
Schutz: Deaktiviert
15.11.2012 17:34:19
mbam-log-2012-11-15 (17-34-19).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 278557
Laufzeit: 57 Minute(n), 43 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende)
I can't get the online scanner to run. During the download at the start of the program it tells me "Can not get update. Is Proxy configure" or something like that. But I have not installed a proxy. As for the screen rotating 90 degrees: I figured out that my girlfriend had mistyped and, instead of pressing "CTRL+ALT+DEL", hit "CTRL+ALT+Right Arrow". Only the thing with the mouse is really strange. |
16.11.2012, 09:50 | #10 |
/// Malwareteam | F-Secure Online Scanner
Please switch on any external hard drives during the online scans! During the scans, please turn off all background guards (anti-virus program, firewall, script blocking and the like) and do not forget to switch everything back on afterwards. Note for Vista and Win7 users: Be sure to start the browser as administrator. |
17.11.2012, 09:24 | #11 |
| Code:
Scanbericht Samstag, November 17, 2012 18:40:48 - 09:22:32
Name des Computers: NICI-VAIO
Scantyp: Scansystem für Malware, Spyware und Rootkits
Ziel: C:\ Q:\
3 Malware gefunden
TrackingCookie.Atdmt (Spyware) System (Desinfiziert)
TrackingCookie.Doubleclick (Spyware) System (Desinfiziert)
TrackingCookie.Yieldmanager (Spyware) System (Desinfiziert)
Statistik
Gescannt: Dateien: 298784 System: 3776 Nicht gescannt: 104
Aktionen: Desinfiziert: 3 Umbenannt: 0 Gelöscht: 0 Nicht bereinigt: 0 Übermittelt: 0
Nicht gescannte Dateien:
Optionen
Scan-Engines:
Scanoptionen: Alle Dateien scannen Innerhalb von Archiven suchen Erweiterte Heuristik verwenden |
19.11.2012, 07:51 | #12 |
/// Malwareteam | Laptop mouse moves and clicks wildly on its own. Screen rotates 90 degrees. How is the computer behaving?
__________________ No asylum for Trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you satisfied with us? Then support the Trojaner-Board! |
19.11.2012, 17:12 | #13 |
| Laptop mouse moves and clicks wildly on its own. Screen rotates 90 degrees. No more problems so far. It has also been a one-time occurrence so far. |
20.11.2012, 07:55 | #14 |
/// Malwareteam | Laptop mouse moves and clicks wildly on its own. Screen rotates 90 degrees. Then we are done!

Step 1: Java update
Your Java is no longer up to date. Older versions contain security vulnerabilities that malware can exploit.
After the restart:

Step 2: Adobe Flash Player update
Your Flash Player is outdated. Because this software in particular is often used by malware as a springboard into the system, it must always be kept up to date. To update the Flash Player, please proceed as follows:

Step 3: Adobe Reader update
Your Adobe Reader is outdated. Because some malware exploits the vulnerabilities in outdated versions, we will update it.

Please download defogger by jpshortstuff to your desktop.
Do not click the Re-enable button unless instructed.

ComboFix
Before the following action, please temporarily disable your antivirus program, any script blocking and anti-malware programs again. Press Windows key + R. Now copy the following line into the command line and click OK. Code:
Combofix /Uninstall
This removes Combofix completely and empties the System Restore cache, so that the malware disappears from there as well. Now re-enable the programs you just disabled.

OTL
Please start OTL and click Bereinigung (Cleanup). This will remove most of the tools we needed for the cleanup. If anything is left behind, please remove it with right-click --> Delete.

Here are a few more tips for securing your system.

Keeping up to date
I cannot mention often enough how important it is that your system is up to date.
Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Clean out your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
26.11.2012, 08:49 | #15 |
/// Malwareteam | Laptop mouse moves and clicks wildly on its own. Screen rotates 90 degrees. Glad we could help! This topic appears to be resolved and has been removed from my subscriptions. Should you need the topic again, please send me a PM. Everyone else, please click here and create your own topic!