| |
| |||||||
Log-Analyse und Auswertung: TrojanDownloader:Win32/Adload.Da-VirusWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
30.01.2013, 23:06
| #1 |
 |  TrojanDownloader:Win32/Adload.Da-Virus Hallo, Windows hat bei mir im Wartungssender folgendes angezeigt: Entfernen des TrojanDownloader:Win32/Adload.Da-Virus Leider weiß ich nicht, seit wann genau es angezeigt wird, allerdings habe ich auch keine Beeinträchtigungen bemerkt. Ich habe schon ein Thema mit für mich gleichem Inhalt durchgelesen, weiß jetzt aber trotzdem nicht genau was ich tun soll und hoffe ihr könnt mir helfen. Hier noch die Ergebnisse von OTL,Gmer: |
|
31.01.2013, 13:22
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | TrojanDownloader:Win32/Adload.Da-Virus Hallo und
__________________ Mal eine kurze Frage, das ist jetzt nichts speziell gegen dich, ich hätte auch jeden anderen fragen können der die Logs so postet - wo bitte steht, dass die Logs in den Anhang gelegt werden sollen bzw. wo genau hast du das herausgelesen? Logfiles im Anhang erschweren die Auswertung massivst Bitte um Erläuterung damit man die Textstelle in der Anleitung für alle Neulinge mal gezielt ändern/verbessern kann. Danke.  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
31.01.2013, 18:39
| #3 |
| | TrojanDownloader:Win32/Adload.Da-Virus Kein Problem.. Ich hatte auch bemerkt, dass das so nicht stimmt. Allerdings hab ich so ziemlich keine Ahnung und habe leider in den Infos und Hilfe-Seiten nichts Hilfreiches gefunden, wie ich die Logfiles in ner Code-Box poste.
__________________Vllt wäre es gut, wenn ihr das mit in die Seite "für alle Hilfesuchenden" unter Schritt 3 macht. Wäre jetzt mein Vorschlag für alle Unwissenden, die noch kommen. Mit der Anleitung klappt es aber  Danke!Code:
ATTFilter OTL logfile created on: 30.01.2013 22:12:31 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tanja\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,98 Gb Total Physical Memory | 3,36 Gb Available Physical Memory | 56,13% Memory free 11,96 Gb Paging File | 8,98 Gb Available in Paging File | 75,03% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 454,98 Gb Total Space | 232,70 Gb Free Space | 51,15% Space Free | Partition Type: NTFS Computer Name: TANJA-VAIO | User Name: Tanja | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.01.30 22:11:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tanja\Desktop\OTL.exe PRC - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.07.18 17:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.04.05 10:11:18 | 001,144,704 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe PRC - [2012.04.05 08:17:42 | 000,871,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe PRC - [2012.04.05 08:14:40 | 000,371,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe PRC - [2012.04.03 10:00:24 | 000,051,128 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe PRC - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe PRC - [2011.01.29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe PRC - [2010.11.20 13:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2010.05.28 10:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe PRC - [2010.02.19 18:19:24 | 000,529,776 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe PRC - [2009.11.30 18:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe PRC - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2009.10.15 15:34:36 | 000,427,304 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe PRC - [2009.10.15 15:34:36 | 000,091,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe PRC - [2009.10.15 15:34:36 | 000,075,048 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe PRC - [2009.10.15 15:34:34 | 000,120,104 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe PRC - [2009.10.15 15:34:34 | 000,070,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe PRC - [2009.10.15 13:17:10 | 000,072,192 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Media Gallery\ElbServer.exe PRC - [2009.10.13 20:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009.10.13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2009.09.14 18:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2009.09.14 17:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2009.06.09 19:07:24 | 000,214,312 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Personalization Manager\VpmLM.exe PRC - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2007.11.19 03:19:36 | 000,128,352 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (No Company Name) ========== MOD - [2013.01.12 17:12:13 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll MOD - [2013.01.12 17:11:59 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.01.12 17:11:19 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.01.12 17:11:06 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2009.06.09 18:52:36 | 000,495,616 | ---- | M] () -- C:\Programme\Sony\VAIO Personalization Manager\sqlite3.dll ========== Services (SafeList) ========== SRV:64bit: - [2011.01.29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV - [2012.11.05 17:54:52 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.26 09:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent) SRV - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService) SRV - [2010.08.11 08:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService) SRV - [2010.05.28 10:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010.02.19 18:19:28 | 000,115,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV - [2010.02.19 18:19:24 | 000,529,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.11.30 18:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2009.10.15 15:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2009.10.15 15:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr) SRV - [2009.10.15 15:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2009.10.15 15:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2009.10.15 15:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr) SRV - [2009.10.13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) SRV - [2009.09.21 15:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2009.09.21 15:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2009.09.14 18:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2009.09.14 18:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2009.09.14 17:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2009.09.04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009.09.01 20:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV - [2009.08.31 00:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10) SRV - [2009.08.31 00:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.07.18 17:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.07.18 17:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.07.18 17:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.14 00:42:32 | 000,093,272 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.10.07 09:12:43 | 000,025,344 | ---- | M] (KOBIL Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KOBCCEX.sys -- (KOBCCEX) DRV:64bit: - [2010.10.07 09:12:36 | 000,104,576 | ---- | M] (KOBIL Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KOBCCID.sys -- (KOBCCID) DRV:64bit: - [2010.07.21 16:58:50 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2009.11.18 21:03:16 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009.11.18 21:03:15 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009.11.18 21:03:15 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009.11.18 21:03:13 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:64bit: - [2009.11.18 21:02:45 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009.11.06 21:34:48 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2009.11.06 21:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci) DRV:64bit: - [2009.11.05 07:30:19 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.11.04 10:59:59 | 000,253,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2009.10.27 21:06:59 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.10.13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.09.15 21:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe) DRV:64bit: - [2009.09.15 11:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) DRV:64bit: - [2009.08.19 21:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2009.07.31 21:02:03 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:64bit: - [2009.05.20 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2007.04.17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\regi.sys -- (regi) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\SearchScopes,DefaultScope = {4E74D889-955C-4EB7-A6C3-71D144E1F2C1} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{4E74D889-955C-4EB7-A6C3-71D144E1F2C1}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC IE - HKCU\..\SearchScopes\{5AFF30F8-EBA6-47A0-8188-29499155AF38}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} IE - HKCU\..\SearchScopes\{6F18D802-A1E3-49EB-AA92-94EF5DAE0B42}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search IE - HKCU\..\SearchScopes\{F2BB138A-F4F7-45C1-A738-BF19D35757FD}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://flexnow3.uni-giessen.de/flexnow/index.html" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30 FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.7\npGoogleOneClick8.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.05 17:54:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.30 22:07:28 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.05 17:54:53 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.30 22:07:28 | 000,000,000 | ---D | M] [2010.10.07 09:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanja\AppData\Roaming\mozilla\Extensions [2012.11.19 18:39:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanja\AppData\Roaming\mozilla\Firefox\Profiles\6j3uywea.default\extensions [2012.09.04 14:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.06.20 16:07:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012.09.04 14:12:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.11.05 17:54:53 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.11.05 17:54:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.05 17:54:49 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.11.05 17:54:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.11.05 17:54:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.11.05 17:54:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.11.05 17:54:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (CtxIEInterceptorBHO Class) - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll (Citrix Systems, Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.) O4 - HKCU..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA) O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8ABCCEA5-814C-4A5F-9BAB-937AF458DA1D}: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB8C9484-BDD0-485F-9085-847F9BF303D0}: DhcpNameServer = 192.168.2.1 192.168.2.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found O18:64bit: - Protocol\Filter\ica - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O20 - AppInit_DLLs: (C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll) - C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll (Citrix Systems, Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.30 22:11:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tanja\Desktop\OTL.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.30 22:11:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tanja\Desktop\OTL.exe [2013.01.30 22:10:31 | 000,000,000 | ---- | M] () -- C:\Users\Tanja\defogger_reenable [2013.01.30 22:07:28 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2013.01.30 22:06:53 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.30 22:06:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.30 11:28:03 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.29 10:28:24 | 000,050,477 | ---- | M] () -- C:\Users\Tanja\Desktop\Defogger.exe [2013.01.29 09:24:24 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.29 09:24:24 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.29 09:06:05 | 522,784,767 | -HS- | M] () -- C:\hiberfil.sys [2013.01.21 12:21:24 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.01.21 12:21:24 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.01.21 12:21:24 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.01.21 12:21:24 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.01.21 12:21:24 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.01.18 18:32:57 | 000,400,350 | ---- | M] () -- C:\test.xml [2013.01.12 17:03:10 | 000,462,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.01.09 17:07:25 | 005,379,340 | ---- | M] () -- C:\Users\Tanja\Desktop\A.P.EX_._ProAuPair_Auslandshandbuch2012Small[1].pdf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.30 22:10:31 | 000,000,000 | ---- | C] () -- C:\Users\Tanja\defogger_reenable [2013.01.29 10:28:20 | 000,050,477 | ---- | C] () -- C:\Users\Tanja\Desktop\Defogger.exe [2013.01.25 17:41:22 | 000,001,141 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk [2013.01.09 17:07:25 | 005,379,340 | ---- | C] () -- C:\Users\Tanja\Desktop\A.P.EX_._ProAuPair_Auslandshandbuch2012Small[1].pdf [2012.08.06 18:54:50 | 000,000,523 | ---- | C] () -- C:\Windows\eReg.dat [2011.12.19 07:38:25 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml [2011.06.03 10:54:37 | 000,000,355 | ---- | C] () -- C:\Users\Tanja\Netzwerk - Verknüpfung.lnk [2011.02.06 13:14:15 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.09.07 20:26:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2010.06.28 12:11:14 | 000,000,000 | -HSD | M] -- C:\Users\Tanja\AppData\Roaming\.# [2010.07.02 15:51:10 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\Auslogics [2012.11.19 18:39:39 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\DVDVideoSoft [2012.05.07 14:30:43 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\ICAClient [2011.11.18 20:49:01 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\ICQ [2012.02.26 09:02:13 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\Publish Providers [2012.02.26 09:15:41 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\Sony [2012.09.08 19:44:13 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\TuneUp Software ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 30.01.2013 22:12:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tanja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,98 Gb Total Physical Memory | 3,36 Gb Available Physical Memory | 56,13% Memory free
11,96 Gb Paging File | 8,98 Gb Available in Paging File | 75,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,98 Gb Total Space | 232,70 Gb Free Space | 51,15% Space Free | Partition Type: NTFS
Computer Name: TANJA-VAIO | User Name: Tanja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10B442BD-DFB5-4E86-90E0-CFC90BC59E05}" = lport=10243 | protocol=6 | dir=in | app=system |
"{110645FA-BB19-46CF-B7A2-8E76DDB1CF21}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{21D03D28-EF68-4C13-AF4E-3CE0CAFA7D95}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{35F51B6B-CDCB-4D72-9260-E3826BFE3E16}" = lport=2869 | protocol=6 | dir=in | app=system |
"{37BE7AD7-3C1D-47C2-859D-F81BA53FDD0E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{516FCAD6-851D-433F-A983-8BBC3F689FC8}" = lport=138 | protocol=17 | dir=in | app=system |
"{5393DC26-67E3-44ED-90DE-BED9579C6F43}" = lport=445 | protocol=6 | dir=in | app=system |
"{57CB749C-D1C9-455E-A2EF-8D383ACBFA2D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{64A3E7FF-AB44-4A6C-AF59-51AD7E9F0D07}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{66D3BED6-D9F6-4D90-89D7-0E12F5AA90E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6E21C973-F5DB-4E1C-8978-FE6ECDBB83B0}" = rport=139 | protocol=6 | dir=out | app=system |
"{705BD42A-28C8-405A-99EB-4010E091D7D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7FD074BB-1DEC-4BA0-A01A-AE3594476FBD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8792BBE2-0F3C-4F06-A2C0-C08761A072D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A782875F-F385-4C91-98C9-1071FAF5306B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA5344F8-ACA1-48EE-88F0-0B62C5B42B42}" = rport=138 | protocol=17 | dir=out | app=system |
"{AD05BCE5-1478-451B-9A2F-8C6597DB278B}" = lport=139 | protocol=6 | dir=in | app=system |
"{B5272B77-9C94-4DCE-8A7C-5C5438DAC172}" = rport=445 | protocol=6 | dir=out | app=system |
"{C2BC52AF-0E86-4C60-8C0F-EA6E73A2D8A4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C2EDCCCF-BA4A-434C-B0C0-0858DBD773E8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3282030-F4D6-4EF7-BEA0-790885C55F04}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA7059A6-C12F-4933-BE23-9612DD136CC1}" = lport=137 | protocol=17 | dir=in | app=system |
"{DB4DF86F-03AD-4BD4-81D8-774BFEA7555E}" = rport=137 | protocol=17 | dir=out | app=system |
"{FE942CA7-A3FA-4350-95A6-7338163E41AC}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{158EA3F7-DDD6-4FAD-BBD8-5185250DDD08}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{18A0B89B-C0D0-4EA7-AE8C-86260A92AD4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18CAA21B-4C93-4AAC-98EF-11D80E91A59E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{240EAEB4-9657-4719-8005-776FCD37FD69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2DB0E936-E6FE-4609-B6E8-2566FEA183FB}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe |
"{3D65CA5B-1479-4BF7-8DE0-646294859A6A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{41CC3F14-262B-4484-BF28-C596DF83A90C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{42CE20A8-9C18-4739-8A50-2DD1B059E46F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{51FFC3B5-0A27-4B90-93E0-E3D136E793D7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5ACAE82E-8775-409E-8A67-12C96E66304D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{75C739D6-36AD-4310-B21A-D2ECEDA39B38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7FDD127F-7E9F-4A9C-B724-E02A6C7742C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{88CD3C6D-16EC-4165-9F1C-F20CA06BA962}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8B83A074-395D-4083-B12B-AD01CC148589}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{93078FBE-F6BD-4904-A012-DCBF649FF957}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{94174445-0B46-4AA2-A3C6-551545ACA17C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9848A389-B4FB-44E2-B43D-31175CA26D9F}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
"{A62F404F-835B-47DB-A5DC-F281B828099F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A65C2F8B-3A9D-4532-8EED-CFE8434DF34D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A7BC2CBC-BD4C-47BC-93D3-D229021EB9CD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A80C787D-7903-4511-A2DD-2F0A0281AFB3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B6C31C9C-027A-419E-A277-038F8DE0B8A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD07967F-E6F2-4866-B51D-F9C6C66B1BF4}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{C9B9BCDA-E0B2-41C9-9BA0-A8F829550C97}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EDEA445E-EE0A-4CBD-9448-F8BC2FB858A0}" = protocol=6 | dir=out | app=system |
"{F6329B86-F4A0-4ECE-BBFB-66D07D24A187}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{52762EA3-8084-4354-BD62-309285570374}C:\program files (x86)\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"TCP Query User{A0979C04-FDB8-468D-8BA5-6BF363EC93DA}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{CD410506-F9C7-4149-BDB1-0DD1B6921569}C:\program files (x86)\aom software\voris\fb\bin\fbserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aom software\voris\fb\bin\fbserver.exe |
"UDP Query User{1689C937-5DEF-4054-ADFB-6F5B1A0C3241}C:\program files (x86)\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"UDP Query User{76A96D1E-8993-41C7-951A-1932A99B8800}C:\program files (x86)\aom software\voris\fb\bin\fbserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aom software\voris\fb\bin\fbserver.exe |
"UDP Query User{B4528A71-79F3-4EA7-A003-B5CE778750AD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series" = Canon MP980 series MP Drivers
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007C5268-FB1C-49B9-A5E7-37D66DE46B9C}" = Online Plug-in
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{2DE9C112-2482-4D27-AA90-1504DFD9F117}" = Citrix Authentication Manager
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{3ECA0079-088F-4E69-B66A-65D5E687B092}" = KOBIL Chipkartenterminal Treiber V2.2.11s Build: 20100615.1
"{43EF7CA8-0439-4677-BE6B-749B4562BBB6}" = KOBIL drivers x64x86 installation
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EC50898-E24A-4C0C-A1F2-A71A8DBF291F}" = Citrix Receiver Inside
"{8FA63AA5-7138-4B6F-8404-F18835E2B8F4}" = Media Gallery
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0791198-3F0C-4FB4-870C-5734C4CB5F16}" = Citrix Receiver (USB)
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8517496-CC0A-4539-A8D1-71A14A3FDF87}_is1" = VORIS 2011
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.3 - Deutsch
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B48A3CE4-2F1E-45EF-841A-C0A3C407EB0F}" = Self-Service Plug-in
"{B4D8A5FE-83C9-44AB-88C7-9AB30EFE482A}" = Citrix Receiver(Aero)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C7C7FA4B-40FF-4B4E-A566-1ABF8FAC38BB}" = Citrix Receiver (HDX Flash-Umleitung)
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D777101F-1708-46ED-916E-3BE885F78F55}" = Citrix Receiver (DV)
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon MP980 series Benutzerregistrierung" = Canon MP980 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"Google Chrome" = Google Chrome
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"MarketingTools" = VAIO Marketing Tools
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Professional 2010
"Smart card bundle_is1" = Smart card bundle 0.10
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.01.2013 12:13:31 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 25.01.2013 12:40:15 | Computer Name = Tanja-VAIO | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Die Anwendung oder der Dienst "VUAgent" konnte nicht neu gestartet
werden.
Error - 27.01.2013 17:56:03 | Computer Name = Tanja-VAIO | Source = Windows Backup | ID = 4103
Description =
Error - 28.01.2013 04:52:43 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
(Fehlercode = 0x80042000)
Error - 28.01.2013 04:52:43 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 28.01.2013 06:13:23 | Computer Name = Tanja-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c40f2
ID
des fehlerhaften Prozesses: 0x7c0 Startzeit der fehlerhaften Anwendung: 0x01cdfd34d20fb771
Pfad
der fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 5882d54d-6933-11e2-84da-f07bcbdf9141
Error - 29.01.2013 04:06:24 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
(Fehlercode = 0x80042000)
Error - 29.01.2013 04:06:24 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 29.01.2013 06:48:54 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 29.01.2013 06:48:54 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 29.01.2013 06:48:54 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 29.01.2013 06:48:54 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ System Events ]
Error - 28.01.2013 04:53:15 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Dnscache erreicht.
Error - 28.01.2013 04:53:57 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 28.01.2013 04:55:40 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Media plus Digital Media Server" wurde nicht richtig
gestartet.
Error - 28.01.2013 04:59:13 | Computer Name = Tanja-VAIO | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 28.01.2013 05:01:37 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.
Error - 29.01.2013 04:06:23 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 29.01.2013 04:09:18 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Media plus Digital Media Server" wurde nicht richtig
gestartet.
Error - 29.01.2013 04:11:59 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.
Error - 29.01.2013 04:17:54 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error - 29.01.2013 04:18:18 | Computer Name = Tanja-VAIO | Source = DCOM | ID = 10010
Description =
< End of report >
Code:
ATTFilter GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-01-30 22:45:04
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AC1 465,76GB
Running: gmer_2.0.18454.exe; Driver: C:\Users\Tanja\AppData\Local\Temp\ugtyrpow.sys
---- User code sections - GMER 2.0 ----
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077a21401 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077a21419 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077a21431 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000077a2144a 2 bytes [A2, 77]
.text ... * 9
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000077a214dd 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000077a214f5 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000077a2150d 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077a21525 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000077a2153d 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077a21555 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000077a2156d 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077a21585 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000077a2159d 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000077a215b5 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000077a215cd 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000077a216b2 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000077a216bd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077a21401 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077a21419 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077a21431 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000077a2144a 2 bytes [A2, 77]
.text ... * 9
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000077a214dd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000077a214f5 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000077a2150d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077a21525 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000077a2153d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077a21555 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000077a2156d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077a21585 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000077a2159d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000077a215b5 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000077a215cd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000077a216b2 2 bytes [A2, 77]
.text C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000077a216bd 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077a21401 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077a21419 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077a21431 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000077a2144a 2 bytes [A2, 77]
.text ... * 9
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000077a214dd 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000077a214f5 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000077a2150d 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077a21525 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000077a2153d 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077a21555 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000077a2156d 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077a21585 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000077a2159d 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000077a215b5 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000077a215cd 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000077a216b2 2 bytes [A2, 77]
.text C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000077a216bd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077a21401 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077a21419 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077a21431 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000077a2144a 2 bytes [A2, 77]
.text ... * 9
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000077a214dd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000077a214f5 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000077a2150d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077a21525 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000077a2153d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077a21555 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000077a2156d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077a21585 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000077a2159d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000077a215b5 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000077a215cd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000077a216b2 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000077a216bd 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077a21401 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077a21419 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077a21431 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000077a2144a 2 bytes [A2, 77]
.text ... * 9
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000077a214dd 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000077a214f5 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000077a2150d 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077a21525 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000077a2153d 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077a21555 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000077a2156d 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077a21585 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000077a2159d 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000077a215b5 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000077a215cd 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000077a216b2 2 bytes [A2, 77]
.text C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000077a216bd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077a21401 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077a21419 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077a21431 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000077a2144a 2 bytes [A2, 77]
.text ... * 9
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000077a214dd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000077a214f5 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000077a2150d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077a21525 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000077a2153d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077a21555 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000077a2156d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077a21585 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000077a2159d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000077a215b5 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000077a215cd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000077a216b2 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000077a216bd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000077a21401 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000077a21419 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000077a21431 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000077a2144a 2 bytes [A2, 77]
.text ... * 9
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000077a214dd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000077a214f5 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000077a2150d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000077a21525 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000077a2153d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000077a21555 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000077a2156d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000077a21585 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000077a2159d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000077a215b5 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000077a215cd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000077a216b2 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000077a216bd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077a21401 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077a21419 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077a21431 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000077a2144a 2 bytes [A2, 77]
.text ... * 9
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000077a214dd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000077a214f5 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000077a2150d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077a21525 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000077a2153d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077a21555 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000077a2156d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077a21585 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000077a2159d 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000077a215b5 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000077a215cd 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000077a216b2 2 bytes [A2, 77]
.text C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000077a216bd 2 bytes [A2, 77]
---- Registry - GMER 2.0 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0017fad003c6
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076d49816
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbdf9141
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbdf9141@0021d178e4fc 0xC8 0x4F 0x0B 0xE4 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbdf9141@80501b202d02 0x19 0xC3 0x55 0xED ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbdf9141@a826d92ef36b 0x64 0x6A 0xE4 0xAB ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbdf9141@ec55f9cf9b33 0x1B 0xA4 0x25 0xF8 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0017fad003c6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076d49816 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbdf9141 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbdf9141@0021d178e4fc 0xC8 0x4F 0x0B 0xE4 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbdf9141@80501b202d02 0x19 0xC3 0x55 0xED ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbdf9141@a826d92ef36b 0x64 0x6A 0xE4 0xAB ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbdf9141@ec55f9cf9b33 0x1B 0xA4 0x25 0xF8 ...
---- EOF - GMER 2.0 ----
|
|
01.02.2013, 11:13
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TrojanDownloader:Win32/Adload.Da-Virus Malwarebytes Anti-Rootkit  Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.02.2013, 14:39
| #5 |
| | TrojanDownloader:Win32/Adload.Da-Virus Wurde wohl nichts gefunden: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org
Database version: v2013.02.01.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Tanja :: TANJA-VAIO [administrator]
01.02.2013 14:17:02
mbar-log-2013-02-01 (14-17-02).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30302
Time elapsed: 10 minute(s), 7 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 29. Januar 2013 09:20
Es wird nach 4883591 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : TANJA-VAIO
Versionsinformationen:
BUILD.DAT : 12.1.9.1236 40872 Bytes 11.10.2012 15:29:00
AVSCAN.EXE : 12.3.0.48 468256 Bytes 16.11.2012 12:45:31
AVSCAN.DLL : 12.3.0.15 66256 Bytes 18.07.2012 16:04:38
LUKE.DLL : 12.3.0.15 68304 Bytes 18.07.2012 16:04:31
AVSCPLR.DLL : 12.3.0.27 97064 Bytes 18.07.2012 16:04:24
AVREG.DLL : 12.3.0.33 232232 Bytes 18.07.2012 16:04:23
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 23:22:12
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 23:31:36
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 09:58:50
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 22:37:35
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 16:04:37
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 13:41:22
VBASE007.VDF : 7.11.50.230 3904512 Bytes 22.11.2012 15:51:40
VBASE008.VDF : 7.11.55.142 2214912 Bytes 03.01.2013 13:50:58
VBASE009.VDF : 7.11.55.143 2048 Bytes 03.01.2013 13:50:58
VBASE010.VDF : 7.11.55.144 2048 Bytes 03.01.2013 13:50:58
VBASE011.VDF : 7.11.55.145 2048 Bytes 03.01.2013 13:50:59
VBASE012.VDF : 7.11.55.146 2048 Bytes 03.01.2013 13:50:59
VBASE013.VDF : 7.11.55.196 260096 Bytes 04.01.2013 13:50:59
VBASE014.VDF : 7.11.56.23 206848 Bytes 07.01.2013 11:45:25
VBASE015.VDF : 7.11.56.83 186880 Bytes 08.01.2013 11:45:30
VBASE016.VDF : 7.11.56.145 135168 Bytes 09.01.2013 09:55:36
VBASE017.VDF : 7.11.56.211 139776 Bytes 11.01.2013 16:08:56
VBASE018.VDF : 7.11.57.11 153088 Bytes 13.01.2013 18:25:30
VBASE019.VDF : 7.11.57.75 165888 Bytes 15.01.2013 16:24:05
VBASE020.VDF : 7.11.57.163 190976 Bytes 17.01.2013 16:24:06
VBASE021.VDF : 7.11.57.219 119808 Bytes 18.01.2013 13:30:38
VBASE022.VDF : 7.11.58.7 167936 Bytes 21.01.2013 13:30:41
VBASE023.VDF : 7.11.58.49 140288 Bytes 22.01.2013 14:39:37
VBASE024.VDF : 7.11.58.119 137728 Bytes 24.01.2013 14:39:38
VBASE025.VDF : 7.11.58.175 132608 Bytes 25.01.2013 16:18:34
VBASE026.VDF : 7.11.58.213 116736 Bytes 27.01.2013 21:56:03
VBASE027.VDF : 7.11.58.236 1738752 Bytes 28.01.2013 21:56:03
VBASE028.VDF : 7.11.58.237 2048 Bytes 28.01.2013 21:56:04
VBASE029.VDF : 7.11.58.238 2048 Bytes 28.01.2013 21:56:04
VBASE030.VDF : 7.11.58.239 2048 Bytes 28.01.2013 21:56:04
VBASE031.VDF : 7.11.58.248 31744 Bytes 28.01.2013 21:56:04
Engineversion : 8.2.10.238
AEVDF.DLL : 8.1.2.10 102772 Bytes 02.08.2012 09:25:23
AESCRIPT.DLL : 8.1.4.84 467322 Bytes 24.01.2013 14:39:47
AESCN.DLL : 8.1.10.0 131445 Bytes 13.12.2012 15:08:35
AESBX.DLL : 8.2.5.12 606578 Bytes 18.07.2012 16:04:20
AERDL.DLL : 8.2.0.88 643444 Bytes 11.01.2013 09:55:47
AEPACK.DLL : 8.3.1.2 819574 Bytes 21.12.2012 12:24:05
AEOFFICE.DLL : 8.1.2.50 201084 Bytes 05.11.2012 15:47:13
AEHEUR.DLL : 8.1.4.182 5706104 Bytes 24.01.2013 14:39:46
AEHELP.DLL : 8.1.25.2 258423 Bytes 12.10.2012 13:37:10
AEGEN.DLL : 8.1.6.16 434549 Bytes 24.01.2013 14:39:39
AEEXP.DLL : 8.3.0.14 188788 Bytes 24.01.2013 14:39:47
AEEMU.DLL : 8.1.3.2 393587 Bytes 02.08.2012 09:25:14
AECORE.DLL : 8.1.30.0 201079 Bytes 13.12.2012 15:08:33
AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 15:47:04
AVWINLL.DLL : 12.3.0.15 27344 Bytes 18.07.2012 16:04:25
AVPREF.DLL : 12.3.0.32 50720 Bytes 16.11.2012 12:45:30
AVREP.DLL : 12.3.0.15 179208 Bytes 18.07.2012 16:04:23
AVARKT.DLL : 12.3.0.33 209696 Bytes 16.11.2012 12:45:29
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 18.07.2012 16:04:22
SQLITE3.DLL : 3.7.0.1 398288 Bytes 18.07.2012 16:04:34
AVSMTP.DLL : 12.3.0.32 63480 Bytes 18.07.2012 16:04:24
NETNT.DLL : 12.3.0.15 17104 Bytes 18.07.2012 16:04:31
RCIMAGE.DLL : 12.3.0.31 4444408 Bytes 18.07.2012 16:04:41
RCTEXT.DLL : 12.3.0.32 98848 Bytes 16.11.2012 12:45:17
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +PFS,
Beginn des Suchlaufs: Dienstag, 29. Januar 2013 09:20
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD2
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'listener.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'iviRegMgr.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'wfcrun32.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'SelfServicePlugin.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'Receiver.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'concentr.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'CNMNSUT.EXE' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'ElbServer.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAAnotif.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHCImp.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAANTMon.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHPlMgr.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHDs.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHDms.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'VzCdbSvc.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'VcmIAlzMgr.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCFw.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'uCamMonitor.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHDBSvr.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'PsiService_2.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBDeviceInfoProvider.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleUpdate.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '42' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1355' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\'
C:\Users\Tanja\AppData\Local\Temp\jar_cache3342788618231897045.tmp
[0] Archivtyp: ZIP
--> avpmfsym/acsyab.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Themod.ES
--> avpmfsym/bptfrr.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Themod.ET
--> avpmfsym/hrhwjrdgtuabrq.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Karamel.BQ
--> avpmfsym/pntkmfgpqthk.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Lamar.RJ
--> avpmfsym/qfkwegsfeackrwlgnswjnffs.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dermit.GG
--> avpmfsym/rryjdtbufw.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Themod.EU
--> avpmfsym/sjedv.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Lamar.RK
--> avpmfsym/vclscmurstlrcefumaftw.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Themod.EV
--> avpmfsym/vwsvyuwcktdldbrfjr.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Treams.JJ
--> avpmfsym/wsjvnvnbthq.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Lamar.RL
Beginne mit der Desinfektion:
C:\Users\Tanja\AppData\Local\Temp\jar_cache3342788618231897045.tmp
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Lamar.RL
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56f603b7.qua' verschoben!
Ende des Suchlaufs: Dienstag, 29. Januar 2013 11:14
Benötigte Zeit: 1:50:55 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
46771 Verzeichnisse wurden überprüft
564901 Dateien wurden geprüft
10 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
564891 Dateien ohne Befall
4419 Archive wurden durchsucht
0 Warnungen
1 Hinweise
744056 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
|
|
01.02.2013, 15:33
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TrojanDownloader:Win32/Adload.Da-Virus Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehlalarm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ --> TrojanDownloader:Win32/Adload.Da-Virus |
|
01.02.2013, 16:08
| #7 |
| | TrojanDownloader:Win32/Adload.Da-Virus Der log ist wohl zu lang.. ich teile ihn  Code:
ATTFilter 15:59:05.0528 6632 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:59:05.0887 6632 ============================================================
15:59:05.0887 6632 Current date / time: 2013/02/01 15:59:05.0887
15:59:05.0887 6632 SystemInfo:
15:59:05.0887 6632
15:59:05.0887 6632 OS Version: 6.1.7601 ServicePack: 1.0
15:59:05.0887 6632 Product type: Workstation
15:59:05.0887 6632 ComputerName: TANJA-VAIO
15:59:05.0887 6632 UserName: Tanja
15:59:05.0887 6632 Windows directory: C:\Windows
15:59:05.0887 6632 System windows directory: C:\Windows
15:59:05.0887 6632 Running under WOW64
15:59:05.0887 6632 Processor architecture: Intel x64
15:59:05.0887 6632 Number of processors: 4
15:59:05.0887 6632 Page size: 0x1000
15:59:05.0887 6632 Boot type: Normal boot
15:59:05.0887 6632 ============================================================
15:59:06.0293 6632 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:59:06.0293 6632 ============================================================
15:59:06.0293 6632 \Device\Harddisk0\DR0:
15:59:06.0293 6632 MBR partitions:
15:59:06.0293 6632 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x155E000, BlocksNum 0x32000
15:59:06.0293 6632 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1590000, BlocksNum 0x38DF5830
15:59:06.0293 6632 ============================================================
15:59:06.0355 6632 C: <-> \Device\Harddisk0\DR0\Partition2
15:59:06.0355 6632 ============================================================
15:59:06.0355 6632 Initialize success
15:59:06.0355 6632 ============================================================
15:59:19.0459 1164 ============================================================
15:59:19.0459 1164 Scan started
15:59:19.0459 1164 Mode: Manual;
15:59:19.0459 1164 ============================================================
15:59:19.0787 1164 ================ Scan system memory ========================
15:59:19.0787 1164 System memory - ok
15:59:19.0787 1164 ================ Scan services =============================
15:59:19.0989 1164 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:59:19.0989 1164 1394ohci - ok
15:59:20.0099 1164 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:59:20.0099 1164 ACDaemon - ok
15:59:20.0145 1164 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:59:20.0145 1164 ACPI - ok
15:59:20.0177 1164 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:59:20.0177 1164 AcpiPmi - ok
15:59:20.0223 1164 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:59:20.0223 1164 adp94xx - ok
15:59:20.0255 1164 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:59:20.0270 1164 adpahci - ok
15:59:20.0286 1164 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:59:20.0286 1164 adpu320 - ok
15:59:20.0348 1164 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:59:20.0348 1164 AeLookupSvc - ok
15:59:20.0411 1164 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:59:20.0411 1164 AFD - ok
15:59:20.0457 1164 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:59:20.0457 1164 agp440 - ok
15:59:20.0489 1164 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:59:20.0489 1164 ALG - ok
15:59:20.0535 1164 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:59:20.0535 1164 aliide - ok
15:59:20.0598 1164 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:59:20.0598 1164 amdide - ok
15:59:20.0629 1164 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:59:20.0629 1164 AmdK8 - ok
15:59:20.0660 1164 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:59:20.0660 1164 AmdPPM - ok
15:59:20.0691 1164 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:59:20.0691 1164 amdsata - ok
15:59:20.0738 1164 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:59:20.0738 1164 amdsbs - ok
15:59:20.0754 1164 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:59:20.0754 1164 amdxata - ok
15:59:20.0847 1164 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:59:20.0847 1164 AntiVirSchedulerService - ok
15:59:20.0879 1164 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:59:20.0879 1164 AntiVirService - ok
15:59:20.0941 1164 [ 1661F9C9E4B0049FA0A5E30264375A87 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
15:59:20.0941 1164 ApfiltrService - ok
15:59:21.0035 1164 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:59:21.0035 1164 AppID - ok
15:59:21.0066 1164 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:59:21.0081 1164 AppIDSvc - ok
15:59:21.0128 1164 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:59:21.0128 1164 Appinfo - ok
15:59:21.0191 1164 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:59:21.0191 1164 arc - ok
15:59:21.0191 1164 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:59:21.0191 1164 arcsas - ok
15:59:21.0253 1164 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:59:21.0253 1164 ArcSoftKsUFilter - ok
15:59:21.0284 1164 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:59:21.0284 1164 AsyncMac - ok
15:59:21.0331 1164 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:59:21.0331 1164 atapi - ok
15:59:21.0393 1164 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:59:21.0409 1164 athr - ok
15:59:21.0487 1164 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:59:21.0487 1164 AudioEndpointBuilder - ok
15:59:21.0503 1164 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:59:21.0503 1164 AudioSrv - ok
15:59:21.0596 1164 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:59:21.0612 1164 avgntflt - ok
15:59:21.0659 1164 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:59:21.0659 1164 avipbb - ok
15:59:21.0690 1164 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:59:21.0690 1164 avkmgr - ok
15:59:21.0799 1164 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:59:21.0815 1164 AxInstSV - ok
15:59:21.0846 1164 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:59:21.0861 1164 b06bdrv - ok
15:59:21.0924 1164 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:59:21.0924 1164 b57nd60a - ok
15:59:22.0017 1164 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:59:22.0017 1164 BDESVC - ok
15:59:22.0049 1164 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:59:22.0049 1164 Beep - ok
15:59:22.0111 1164 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:59:22.0111 1164 BFE - ok
15:59:22.0173 1164 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:59:22.0173 1164 BITS - ok
15:59:22.0220 1164 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
15:59:22.0220 1164 blbdrive - ok
15:59:22.0267 1164 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:59:22.0267 1164 bowser - ok
15:59:22.0361 1164 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:59:22.0361 1164 BrFiltLo - ok
15:59:22.0361 1164 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:59:22.0361 1164 BrFiltUp - ok
15:59:22.0407 1164 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:59:22.0407 1164 Browser - ok
15:59:22.0423 1164 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:59:22.0423 1164 Brserid - ok
15:59:22.0439 1164 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:59:22.0454 1164 BrSerWdm - ok
15:59:22.0470 1164 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:59:22.0470 1164 BrUsbMdm - ok
15:59:22.0485 1164 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:59:22.0485 1164 BrUsbSer - ok
15:59:22.0548 1164 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:59:22.0548 1164 BthEnum - ok
15:59:22.0563 1164 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:59:22.0563 1164 BTHMODEM - ok
15:59:22.0579 1164 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:59:22.0579 1164 BthPan - ok
15:59:22.0657 1164 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:59:22.0657 1164 BTHPORT - ok
15:59:22.0704 1164 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:59:22.0704 1164 bthserv - ok
15:59:22.0719 1164 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:59:22.0719 1164 BTHUSB - ok
15:59:22.0751 1164 [ 6E04458E98DAF28826482E41A7A62DF5 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
15:59:22.0751 1164 btusbflt - ok
15:59:22.0797 1164 [ 4BDBDB86ABBA924E029FB2683BE7C505 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:59:22.0797 1164 btwaudio - ok
15:59:22.0829 1164 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
15:59:22.0829 1164 btwavdt - ok
15:59:22.0938 1164 [ 31DA517946FFE416442E864592548F8A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:59:22.0953 1164 btwdins - ok
15:59:22.0969 1164 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
15:59:22.0969 1164 btwl2cap - ok
15:59:22.0985 1164 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:59:22.0985 1164 btwrchid - ok
15:59:23.0016 1164 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:59:23.0016 1164 cdfs - ok
15:59:23.0078 1164 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
15:59:23.0078 1164 cdrom - ok
15:59:23.0125 1164 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:59:23.0125 1164 CertPropSvc - ok
15:59:23.0156 1164 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:59:23.0156 1164 circlass - ok
15:59:23.0203 1164 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:59:23.0203 1164 CLFS - ok
15:59:23.0281 1164 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:59:23.0281 1164 clr_optimization_v2.0.50727_32 - ok
15:59:23.0343 1164 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:59:23.0359 1164 clr_optimization_v2.0.50727_64 - ok
15:59:23.0437 1164 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:59:23.0437 1164 clr_optimization_v4.0.30319_32 - ok
15:59:23.0468 1164 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:59:23.0484 1164 clr_optimization_v4.0.30319_64 - ok
15:59:23.0515 1164 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:59:23.0515 1164 CmBatt - ok
15:59:23.0531 1164 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:59:23.0531 1164 cmdide - ok
15:59:23.0593 1164 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:59:23.0593 1164 CNG - ok
15:59:23.0640 1164 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:59:23.0640 1164 Compbatt - ok
15:59:23.0687 1164 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:59:23.0687 1164 CompositeBus - ok
15:59:23.0702 1164 COMSysApp - ok
15:59:23.0718 1164 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:59:23.0718 1164 crcdisk - ok
15:59:23.0765 1164 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:59:23.0765 1164 CryptSvc - ok
15:59:23.0811 1164 [ F02D7FD231AF76C69A8F09C619DEE384 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
15:59:23.0811 1164 ctxusbm - ok
15:59:23.0874 1164 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:59:23.0874 1164 DcomLaunch - ok
15:59:23.0905 1164 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:59:23.0921 1164 defragsvc - ok
15:59:23.0999 1164 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:59:23.0999 1164 DfsC - ok
15:59:24.0030 1164 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:59:24.0030 1164 Dhcp - ok
15:59:24.0077 1164 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:59:24.0077 1164 discache - ok
15:59:24.0108 1164 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:59:24.0108 1164 Disk - ok
15:59:24.0170 1164 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:59:24.0170 1164 Dnscache - ok
15:59:24.0233 1164 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:59:24.0233 1164 dot3svc - ok
15:59:24.0279 1164 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:59:24.0279 1164 DPS - ok
15:59:24.0295 1164 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:59:24.0295 1164 drmkaud - ok
15:59:24.0357 1164 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:59:24.0357 1164 DXGKrnl - ok
15:59:24.0389 1164 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:59:24.0389 1164 EapHost - ok
15:59:24.0482 1164 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:59:24.0513 1164 ebdrv - ok
15:59:24.0560 1164 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:59:24.0560 1164 EFS - ok
15:59:24.0654 1164 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:59:24.0654 1164 ehRecvr - ok
15:59:24.0685 1164 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:59:24.0685 1164 ehSched - ok
15:59:24.0732 1164 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:59:24.0747 1164 elxstor - ok
15:59:24.0779 1164 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:59:24.0779 1164 ErrDev - ok
15:59:24.0841 1164 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:59:24.0857 1164 EventSystem - ok
15:59:24.0950 1164 [ 51643EE2712D9212E1E53CA7E8D8EB4A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:59:24.0966 1164 EvtEng - ok
15:59:24.0997 1164 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:59:24.0997 1164 exfat - ok
15:59:25.0028 1164 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:59:25.0028 1164 fastfat - ok
15:59:25.0091 1164 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:59:25.0091 1164 Fax - ok
15:59:25.0122 1164 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:59:25.0122 1164 fdc - ok
15:59:25.0137 1164 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:59:25.0153 1164 fdPHost - ok
15:59:25.0153 1164 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:59:25.0153 1164 FDResPub - ok
15:59:25.0169 1164 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:59:25.0169 1164 FileInfo - ok
15:59:25.0184 1164 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:59:25.0184 1164 Filetrace - ok
15:59:25.0200 1164 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:59:25.0200 1164 flpydisk - ok
15:59:25.0231 1164 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:59:25.0231 1164 FltMgr - ok
15:59:25.0293 1164 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:59:25.0309 1164 FontCache - ok
15:59:25.0371 1164 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:59:25.0371 1164 FontCache3.0.0.0 - ok
15:59:25.0403 1164 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:59:25.0403 1164 FsDepends - ok
15:59:25.0434 1164 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:59:25.0434 1164 Fs_Rec - ok
15:59:25.0496 1164 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:59:25.0496 1164 fvevol - ok
15:59:25.0527 1164 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:59:25.0543 1164 gagp30kx - ok
15:59:25.0574 1164 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:59:25.0590 1164 gpsvc - ok
15:59:25.0637 1164 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:59:25.0637 1164 gupdate - ok
15:59:25.0652 1164 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:59:25.0652 1164 hcw85cir - ok
15:59:25.0715 1164 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:59:25.0715 1164 HdAudAddService - ok
15:59:25.0746 1164 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:59:25.0746 1164 HDAudBus - ok
15:59:25.0777 1164 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:59:25.0777 1164 HidBatt - ok
15:59:25.0793 1164 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:59:25.0808 1164 HidBth - ok
15:59:25.0824 1164 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:59:25.0839 1164 HidIr - ok
15:59:25.0855 1164 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:59:25.0855 1164 hidserv - ok
15:59:25.0933 1164 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:59:25.0933 1164 HidUsb - ok
15:59:25.0995 1164 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:59:25.0995 1164 hkmsvc - ok
15:59:26.0042 1164 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:59:26.0058 1164 HomeGroupListener - ok
15:59:26.0120 1164 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:59:26.0120 1164 HomeGroupProvider - ok
15:59:26.0183 1164 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:59:26.0183 1164 HpSAMD - ok
15:59:26.0245 1164 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:59:26.0245 1164 HTTP - ok
15:59:26.0292 1164 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:59:26.0292 1164 hwpolicy - ok
15:59:26.0354 1164 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:59:26.0354 1164 i8042prt - ok
15:59:26.0401 1164 [ 660BF3255A1EB18ED803FD2FBA6AE400 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:59:26.0417 1164 IAANTMON - ok
15:59:26.0448 1164 [ BE7D72FCF442C26975942007E0831241 ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:59:26.0448 1164 iaStor - ok
15:59:26.0495 1164 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:59:26.0495 1164 iaStorV - ok
15:59:26.0604 1164 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:59:26.0619 1164 idsvc - ok
15:59:26.0651 1164 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:59:26.0651 1164 iirsp - ok
15:59:26.0713 1164 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:59:26.0713 1164 IKEEXT - ok
15:59:26.0775 1164 [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd C:\Windows\system32\drivers\Impcd.sys
15:59:26.0775 1164 Impcd - ok
15:59:26.0869 1164 [ 2E3B99E8C23BE2BF32EBE1DB5261F275 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:59:26.0885 1164 IntcAzAudAddService - ok
15:59:26.0947 1164 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:59:26.0947 1164 intelide - ok
15:59:26.0978 1164 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
15:59:26.0994 1164 intelppm - ok
15:59:27.0009 1164 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:59:27.0009 1164 IPBusEnum - ok
15:59:27.0072 1164 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:59:27.0072 1164 IpFilterDriver - ok
15:59:27.0119 1164 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:59:27.0134 1164 iphlpsvc - ok
15:59:27.0181 1164 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:59:27.0181 1164 IPMIDRV - ok
15:59:27.0197 1164 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:59:27.0197 1164 IPNAT - ok
15:59:27.0228 1164 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:59:27.0228 1164 IRENUM - ok
15:59:27.0275 1164 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:59:27.0275 1164 isapnp - ok
15:59:27.0290 1164 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:59:27.0290 1164 iScsiPrt - ok
15:59:27.0337 1164 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:59:27.0337 1164 IviRegMgr - ok
15:59:27.0368 1164 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:59:27.0368 1164 kbdclass - ok
15:59:27.0431 1164 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:59:27.0431 1164 kbdhid - ok
15:59:27.0446 1164 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:59:27.0462 1164 KeyIso - ok
15:59:27.0509 1164 [ 322CD7A01A961D94C6EAB640D6427504 ] KOBCCEX C:\Windows\system32\drivers\KOBCCEX.sys
15:59:27.0524 1164 KOBCCEX - ok
15:59:27.0555 1164 [ 000200AD75DE8363546EECAFF77980FE ] KOBCCID C:\Windows\system32\drivers\KOBCCID.sys
15:59:27.0555 1164 KOBCCID - ok
15:59:27.0618 1164 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:59:27.0618 1164 KSecDD - ok
15:59:27.0649 1164 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:59:27.0665 1164 KSecPkg - ok
15:59:27.0696 1164 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:59:27.0696 1164 ksthunk - ok
15:59:27.0743 1164 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:59:27.0743 1164 KtmRm - ok
15:59:27.0805 1164 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:59:27.0805 1164 LanmanServer - ok
15:59:27.0852 1164 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:59:27.0867 1164 LanmanWorkstation - ok
15:59:27.0930 1164 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:59:27.0930 1164 lltdio - ok
15:59:27.0945 1164 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:59:27.0961 1164 lltdsvc - ok
15:59:27.0977 1164 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:59:27.0977 1164 lmhosts - ok
15:59:28.0023 1164 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:59:28.0023 1164 LSI_FC - ok
15:59:28.0039 1164 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:59:28.0039 1164 LSI_SAS - ok
15:59:28.0055 1164 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:59:28.0055 1164 LSI_SAS2 - ok
15:59:28.0070 1164 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:59:28.0070 1164 LSI_SCSI - ok
15:59:28.0117 1164 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:59:28.0117 1164 luafv - ok
15:59:28.0164 1164 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:59:28.0164 1164 Mcx2Svc - ok
15:59:28.0179 1164 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:59:28.0179 1164 megasas - ok
15:59:28.0195 1164 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:59:28.0195 1164 MegaSR - ok
15:59:28.0226 1164 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:59:28.0226 1164 MMCSS - ok
15:59:28.0242 1164 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:59:28.0242 1164 Modem - ok
15:59:28.0257 1164 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:59:28.0257 1164 monitor - ok
15:59:28.0320 1164 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:59:28.0320 1164 mouclass - ok
15:59:28.0382 1164 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:59:28.0382 1164 mouhid - ok
15:59:28.0429 1164 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:59:28.0429 1164 mountmgr - ok
15:59:28.0507 1164 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:59:28.0507 1164 MozillaMaintenance - ok
15:59:28.0554 1164 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:59:28.0554 1164 mpio - ok
15:59:28.0569 1164 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:59:28.0569 1164 mpsdrv - ok
15:59:28.0632 1164 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:59:28.0632 1164 MpsSvc - ok
15:59:28.0694 1164 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:59:28.0694 1164 MRxDAV - ok
15:59:28.0741 1164 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:59:28.0741 1164 mrxsmb - ok
15:59:28.0788 1164 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:59:28.0788 1164 mrxsmb10 - ok
15:59:28.0819 1164 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:59:28.0819 1164 mrxsmb20 - ok
15:59:28.0835 1164 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:59:28.0835 1164 msahci - ok
15:59:28.0850 1164 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:59:28.0850 1164 msdsm - ok
15:59:28.0881 1164 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:59:28.0881 1164 MSDTC - ok
15:59:28.0928 1164 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:59:28.0928 1164 Msfs - ok
15:59:28.0944 1164 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:59:28.0944 1164 mshidkmdf - ok
15:59:28.0991 1164 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:59:28.0991 1164 msisadrv - ok
15:59:29.0037 1164 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:59:29.0037 1164 MSiSCSI - ok
15:59:29.0037 1164 msiserver - ok
15:59:29.0069 1164 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:59:29.0069 1164 MSKSSRV - ok
15:59:29.0084 1164 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:59:29.0084 1164 MSPCLOCK - ok
15:59:29.0115 1164 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:59:29.0115 1164 MSPQM - ok
15:59:29.0147 1164 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:59:29.0162 1164 MsRPC - ok
15:59:29.0178 1164 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:59:29.0178 1164 mssmbios - ok
15:59:29.0209 1164 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:59:29.0209 1164 MSTEE - ok
15:59:29.0225 1164 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:59:29.0225 1164 MTConfig - ok
15:59:29.0256 1164 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:59:29.0256 1164 Mup - ok
15:59:29.0303 1164 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:59:29.0318 1164 napagent - ok
15:59:29.0365 1164 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:59:29.0365 1164 NativeWifiP - ok
15:59:29.0427 1164 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:59:29.0443 1164 NDIS - ok
15:59:29.0459 1164 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:59:29.0459 1164 NdisCap - ok
15:59:29.0505 1164 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:59:29.0505 1164 NdisTapi - ok
15:59:29.0552 1164 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:59:29.0552 1164 Ndisuio - ok
15:59:29.0599 1164 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:59:29.0599 1164 NdisWan - ok
15:59:29.0646 1164 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:59:29.0646 1164 NDProxy - ok
15:59:29.0677 1164 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:59:29.0677 1164 NetBIOS - ok
15:59:29.0724 1164 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:59:29.0739 1164 NetBT - ok
15:59:29.0755 1164 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:59:29.0755 1164 Netlogon - ok
15:59:29.0817 1164 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:59:29.0817 1164 Netman - ok
15:59:29.0833 1164 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:59:29.0849 1164 netprofm - ok
15:59:29.0880 1164 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:59:29.0895 1164 NetTcpPortSharing - ok
15:59:30.0036 1164 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
15:59:30.0161 1164 NETw5s64 - ok
15:59:30.0192 1164 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:59:30.0192 1164 nfrd960 - ok
15:59:30.0270 1164 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:59:30.0270 1164 NlaSvc - ok
15:59:30.0285 1164 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:59:30.0285 1164 Npfs - ok
15:59:30.0317 1164 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:59:30.0317 1164 nsi - ok
15:59:30.0317 1164 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:59:30.0332 1164 nsiproxy - ok
15:59:30.0395 1164 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:59:30.0410 1164 Ntfs - ok
15:59:30.0426 1164 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:59:30.0426 1164 Null - ok
15:59:30.0488 1164 [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:59:30.0488 1164 NVHDA - ok
15:59:30.0707 1164 [ CA8447574E9DAE22250C723819D3EF96 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:59:30.0925 1164 nvlddmkm - ok
15:59:30.0956 1164 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:59:30.0956 1164 nvraid - ok
15:59:30.0987 1164 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:59:30.0987 1164 nvstor - ok
15:59:31.0034 1164 [ AD1E49BCEB5D446A271C43BFA8FD71D2 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:59:31.0034 1164 nvsvc - ok
15:59:31.0065 1164 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:59:31.0065 1164 nv_agp - ok
15:59:31.0112 1164 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:59:31.0112 1164 ohci1394 - ok
15:59:31.0190 1164 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:59:31.0190 1164 ose - ok
15:59:31.0346 1164 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:59:31.0424 1164 osppsvc - ok
15:59:31.0487 1164 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:59:31.0487 1164 p2pimsvc - ok
15:59:31.0518 1164 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:59:31.0518 1164 p2psvc - ok
15:59:31.0549 1164 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:59:31.0549 1164 Parport - ok
15:59:31.0580 1164 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:59:31.0580 1164 partmgr - ok
15:59:31.0611 1164 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:59:31.0611 1164 PcaSvc - ok
15:59:31.0658 1164 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:59:31.0674 1164 pci - ok
15:59:31.0705 1164 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:59:31.0705 1164 pciide - ok
15:59:31.0736 1164 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:59:31.0736 1164 pcmcia - ok
15:59:31.0752 1164 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:59:31.0752 1164 pcw - ok
15:59:31.0767 1164 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:59:31.0783 1164 PEAUTH - ok
15:59:31.0861 1164 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:59:31.0861 1164 PerfHost - ok
15:59:31.0939 1164 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:59:31.0955 1164 pla - ok
15:59:32.0001 1164 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:59:32.0001 1164 PlugPlay - ok
15:59:32.0111 1164 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:59:32.0111 1164 PMBDeviceInfoProvider - ok
15:59:32.0126 1164 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:59:32.0142 1164 PNRPAutoReg - ok
15:59:32.0157 1164 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:59:32.0157 1164 PNRPsvc - ok
15:59:32.0204 1164 [ B8D8EC78B0F9ED8E220506181274F3D3 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
15:59:32.0204 1164 Point64 - ok
15:59:32.0251 1164 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:59:32.0251 1164 PolicyAgent - ok
15:59:32.0298 1164 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:59:32.0298 1164 Power - ok
15:59:32.0360 1164 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:59:32.0360 1164 PptpMiniport - ok
15:59:32.0376 1164 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:59:32.0376 1164 Processor - ok
15:59:32.0438 1164 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:59:32.0438 1164 ProfSvc - ok
15:59:32.0454 1164 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:59:32.0454 1164 ProtectedStorage - ok
15:59:32.0516 1164 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:59:32.0516 1164 Psched - ok
15:59:32.0547 1164 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:59:32.0547 1164 PSI_SVC_2 - ok
15:59:32.0579 1164 [ AED797CCA02783296C68AA10D0CFF8A9 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:59:32.0579 1164 PxHlpa64 - ok
15:59:32.0625 1164 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:59:32.0641 1164 ql2300 - ok
15:59:32.0672 1164 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:59:32.0672 1164 ql40xx - ok
15:59:32.0719 1164 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:59:32.0719 1164 QWAVE - ok
15:59:32.0735 1164 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:59:32.0735 1164 QWAVEdrv - ok
15:59:32.0766 1164 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:59:32.0766 1164 RasAcd - ok
15:59:32.0797 1164 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:59:32.0797 1164 RasAgileVpn - ok
15:59:32.0813 1164 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:59:32.0813 1164 RasAuto - ok
15:59:32.0859 1164 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:59:32.0859 1164 Rasl2tp - ok
15:59:32.0906 1164 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:59:32.0906 1164 RasMan - ok
15:59:32.0937 1164 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:59:32.0937 1164 RasPppoe - ok
15:59:32.0953 1164 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:59:32.0953 1164 RasSstp - ok
15:59:33.0000 1164 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:59:33.0000 1164 rdbss - ok
15:59:33.0015 1164 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:59:33.0015 1164 rdpbus - ok
15:59:33.0031 1164 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:59:33.0031 1164 RDPCDD - ok
15:59:33.0062 1164 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:59:33.0062 1164 RDPENCDD - ok
15:59:33.0078 1164 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:59:33.0078 1164 RDPREFMP - ok
15:59:33.0125 1164 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:59:33.0125 1164 RDPWD - ok
15:59:33.0187 1164 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:59:33.0187 1164 rdyboost - ok
15:59:33.0218 1164 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys
15:59:33.0234 1164 regi - ok
15:59:33.0312 1164 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:59:33.0327 1164 RegSrvc - ok
15:59:33.0359 1164 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:59:33.0359 1164 RemoteAccess - ok
15:59:33.0405 1164 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:59:33.0405 1164 RemoteRegistry - ok
15:59:33.0452 1164 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:59:33.0452 1164 RFCOMM - ok
15:59:33.0515 1164 [ 5CA4ABD888B602551B59BAA26941C167 ] rimspci C:\Windows\system32\drivers\rimssne64.sys
15:59:33.0515 1164 rimspci - ok
15:59:33.0561 1164 [ BB6E138AEB351728959DA5E2731D8140 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
15:59:33.0561 1164 risdsnpe - ok
15:59:33.0608 1164 [ D151224BC11078895A60FA970728FF59 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
15:59:33.0608 1164 Roxio UPnP Renderer 10 - ok
15:59:33.0639 1164 [ 5022A927944878BD750960BD21E751AF ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
15:59:33.0639 1164 Roxio Upnp Server 10 - ok
15:59:33.0686 1164 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:59:33.0686 1164 RpcEptMapper - ok
15:59:33.0717 1164 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:59:33.0717 1164 RpcLocator - ok
15:59:33.0780 1164 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:59:33.0780 1164 RpcSs - ok
15:59:33.0827 1164 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:59:33.0827 1164 rspndr - ok
15:59:33.0936 1164 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:59:33.0936 1164 SamSs - ok
15:59:33.0983 1164 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:59:33.0983 1164 sbp2port - ok
15:59:34.0029 1164 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:59:34.0029 1164 SCardSvr - ok
15:59:34.0076 1164 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:59:34.0076 1164 scfilter - ok
15:59:34.0139 1164 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:59:34.0154 1164 Schedule - ok
15:59:34.0185 1164 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:59:34.0185 1164 SCPolicySvc - ok
15:59:34.0217 1164 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
15:59:34.0217 1164 sdbus - ok
15:59:34.0248 1164 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:59:34.0263 1164 SDRSVC - ok
15:59:34.0295 1164 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:59:34.0295 1164 secdrv - ok
15:59:34.0310 1164 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:59:34.0310 1164 seclogon - ok
15:59:34.0357 1164 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:59:34.0357 1164 SENS - ok
15:59:34.0388 1164 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:59:34.0388 1164 SensrSvc - ok
15:59:34.0419 1164 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:59:34.0419 1164 Serenum - ok
15:59:34.0466 1164 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:59:34.0466 1164 Serial - ok
15:59:34.0497 1164 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:59:34.0497 1164 sermouse - ok
15:59:34.0544 1164 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:59:34.0560 1164 SessionEnv - ok
15:59:34.0607 1164 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\drivers\SFEP.sys
15:59:34.0607 1164 SFEP - ok
15:59:34.0638 1164 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:59:34.0638 1164 sffdisk - ok
15:59:34.0653 1164 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:59:34.0653 1164 sffp_mmc - ok
15:59:34.0669 1164 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:59:34.0669 1164 sffp_sd - ok
15:59:34.0685 1164 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:59:34.0685 1164 sfloppy - ok
15:59:34.0731 1164 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:59:34.0731 1164 SharedAccess - ok
15:59:34.0778 1164 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:59:34.0794 1164 ShellHWDetection - ok
15:59:34.0825 1164 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:59:34.0825 1164 SiSRaid2 - ok
15:59:34.0841 1164 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:59:34.0856 1164 SiSRaid4 - ok
15:59:34.0919 1164 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:59:34.0919 1164 SkypeUpdate - ok
15:59:34.0950 1164 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:59:34.0950 1164 Smb - ok
15:59:35.0012 1164 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:59:35.0012 1164 SNMPTRAP - ok
15:59:35.0075 1164 [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:59:35.0075 1164 SOHCImp - ok
15:59:35.0090 1164 [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
15:59:35.0090 1164 SOHDBSvr - ok
15:59:35.0137 1164 [ 556681BE668D71DC162391A45422B52C ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:59:35.0137 1164 SOHDms - ok
15:59:35.0153 1164 [ 72B46103E4111439109ACF5882627C24 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:59:35.0153 1164 SOHDs - ok
15:59:35.0153 1164 [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
15:59:35.0168 1164 SOHPlMgr - ok
15:59:35.0199 1164 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:59:35.0199 1164 spldr - ok
15:59:35.0262 1164 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:59:35.0262 1164 Spooler - ok
15:59:35.0355 1164 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:59:35.0402 1164 sppsvc - ok
15:59:35.0433 1164 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:59:35.0433 1164 sppuinotify - ok
15:59:35.0480 1164 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:59:35.0480 1164 srv - ok
15:59:35.0527 1164 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:59:35.0527 1164 srv2 - ok
15:59:35.0543 1164 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:59:35.0543 1164 srvnet - ok
15:59:35.0574 1164 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:59:35.0589 1164 SSDPSRV - ok
15:59:35.0605 1164 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:59:35.0605 1164 SstpSvc - ok
15:59:35.0621 1164 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:59:35.0621 1164 stexstor - ok
15:59:35.0652 1164 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:59:35.0652 1164 StillCam - ok
15:59:35.0699 1164 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:59:35.0714 1164 stisvc - ok
15:59:35.0745 1164 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:59:35.0745 1164 swenum - ok
15:59:35.0792 1164 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:59:35.0808 1164 swprv - ok
15:59:35.0870 1164 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:59:35.0886 1164 SysMain - ok
15:59:35.0933 1164 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:59:35.0933 1164 TabletInputService - ok
15:59:35.0948 1164 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:59:35.0964 1164 TapiSrv - ok
15:59:35.0979 1164 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:59:35.0995 1164 TBS - ok
15:59:36.0073 1164 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:59:36.0089 1164 Tcpip - ok
15:59:36.0120 1164 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:59:36.0135 1164 TCPIP6 - ok
15:59:36.0182 1164 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:59:36.0182 1164 tcpipreg - ok
15:59:36.0213 1164 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:59:36.0229 1164 TDPIPE - ok
15:59:36.0276 1164 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:59:36.0276 1164 TDTCP - ok
15:59:36.0323 1164 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:59:36.0323 1164 tdx - ok
15:59:36.0338 1164 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:59:36.0338 1164 TermDD - ok
15:59:36.0401 1164 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:59:36.0401 1164 TermService - ok
15:59:36.0432 1164 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:59:36.0432 1164 Themes - ok
15:59:36.0447 1164 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:59:36.0447 1164 THREADORDER - ok
15:59:36.0463 1164 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:59:36.0479 1164 TrkWks - ok
15:59:36.0525 1164 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:59:36.0525 1164 TrustedInstaller - ok
15:59:36.0557 1164 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:59:36.0557 1164 tssecsrv - ok
15:59:36.0619 1164 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:59:36.0619 1164 TsUsbFlt - ok
15:59:36.0713 1164 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:59:36.0713 1164 tunnel - ok
15:59:36.0744 1164 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:59:36.0744 1164 uagp35 - ok
15:59:36.0791 1164 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:59:36.0791 1164 uCamMonitor - ok
15:59:36.0853 1164 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:59:36.0853 1164 udfs - ok
15:59:36.0884 1164 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:59:36.0884 1164 UI0Detect - ok
15:59:36.0900 1164 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:59:36.0900 1164 uliagpkx - ok
15:59:36.0947 1164 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:59:36.0947 1164 umbus - ok
15:59:36.0978 1164 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:59:36.0978 1164 UmPass - ok
15:59:37.0009 1164 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:59:37.0009 1164 upnphost - ok
15:59:37.0025 1164 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:59:37.0025 1164 usbccgp - ok
15:59:37.0071 1164 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:59:37.0071 1164 usbcir - ok
15:59:37.0103 1164 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:59:37.0103 1164 usbehci - ok
15:59:37.0149 1164 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:59:37.0149 1164 usbhub - ok
15:59:37.0181 1164 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:59:37.0181 1164 usbohci - ok
15:59:37.0212 1164 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:59:37.0212 1164 usbprint - ok
15:59:37.0227 1164 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:59:37.0227 1164 USBSTOR - ok
15:59:37.0243 1164 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:59:37.0243 1164 usbuhci - ok
15:59:37.0305 1164 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:59:37.0305 1164 usbvideo - ok
15:59:37.0337 1164 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:59:37.0352 1164 UxSms - ok
15:59:37.0415 1164 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
15:59:37.0415 1164 VAIO Entertainment TV Device Arbitration Service - ok
15:59:37.0461 1164 [ 6B31C9CB94927DBEEB62E15275F4CC54 ] VAIO Event Service C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
15:59:37.0461 1164 VAIO Event Service - ok
15:59:37.0539 1164 [ B8C9A7010AFD5CBBE194CB9EF7C4FD14 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
15:59:37.0555 1164 VAIO Power Management - ok
15:59:37.0571 1164 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:59:37.0571 1164 VaultSvc - ok
15:59:37.0617 1164 [ 6A740F5FF3246C3BE3DD317299EFC88E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
15:59:37.0633 1164 VCFw - ok
15:59:37.0727 1164 [ 10E212BFB7EAB152A64C1AAEC2F7F4E0 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
15:59:37.0727 1164 VcmIAlzMgr - ok
15:59:37.0773 1164 [ 9D9B34B430B4DC683112F59C80D20AB8 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
15:59:37.0773 1164 VcmINSMgr - ok
15:59:37.0836 1164 [ 8EFAACCC7BFA1E9031EFDFB01A1B0D69 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
15:59:37.0836 1164 VcmXmlIfHelper - ok
15:59:37.0898 1164 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
15:59:37.0914 1164 VCService - ok
15:59:37.0961 1164 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:59:37.0961 1164 vdrvroot - ok
15:59:38.0023 1164 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:59:38.0039 1164 vds - ok
15:59:38.0054 1164 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:59:38.0070 1164 vga - ok
15:59:38.0085 1164 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:59:38.0085 1164 VgaSave - ok
15:59:38.0117 1164 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:59:38.0117 1164 vhdmp - ok
15:59:38.0132 1164 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:59:38.0148 1164 viaide - ok
15:59:38.0163 1164 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:59:38.0163 1164 volmgr - ok
15:59:38.0210 1164 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:59:38.0226 1164 volmgrx - ok
15:59:38.0241 1164 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:59:38.0241 1164 volsnap - ok
15:59:38.0288 1164 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:59:38.0288 1164 vsmraid - ok
15:59:38.0351 1164 [ 047F22BDFDAE6DF6F1E47E747A1237A2 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
15:59:38.0351 1164 VSNService - ok
15:59:38.0429 1164 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:59:38.0444 1164 VSS - ok
15:59:38.0553 1164 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
15:59:38.0569 1164 VUAgent - ok
15:59:38.0585 1164 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:59:38.0585 1164 vwifibus - ok
15:59:38.0616 1164 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:59:38.0616 1164 vwififlt - ok
15:59:38.0647 1164 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:59:38.0663 1164 vwifimp - ok
15:59:38.0678 1164 [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
15:59:38.0678 1164 VzCdbSvc - ok
15:59:38.0725 1164 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:59:38.0741 1164 W32Time - ok
15:59:38.0756 1164 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:59:38.0756 1164 WacomPen - ok
15:59:38.0819 1164 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:59:38.0819 1164 WANARP - ok
15:59:38.0834 1164 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:59:38.0834 1164 Wanarpv6 - ok
15:59:38.0897 1164 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:59:38.0912 1164 wbengine - ok
15:59:38.0928 1164 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:59:38.0943 1164 WbioSrvc - ok
15:59:38.0975 1164 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:59:38.0990 1164 wcncsvc - ok
15:59:39.0021 1164 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:59:39.0021 1164 WcsPlugInService - ok
15:59:39.0037 1164 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:59:39.0037 1164 Wd - ok
15:59:39.0099 1164 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:59:39.0099 1164 Wdf01000 - ok
15:59:39.0115 1164 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:59:39.0115 1164 WdiServiceHost - ok
15:59:39.0131 1164 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:59:39.0131 1164 WdiSystemHost - ok
15:59:39.0177 1164 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:59:39.0177 1164 WebClient - ok
15:59:39.0193 1164 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:59:39.0193 1164 Wecsvc - ok
15:59:39.0209 1164 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:59:39.0209 1164 wercplsupport - ok
15:59:39.0240 1164 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:59:39.0240 1164 WerSvc - ok
15:59:39.0287 1164 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:59:39.0287 1164 WfpLwf - ok
15:59:39.0302 1164 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:59:39.0302 1164 WIMMount - ok
15:59:39.0318 1164 WinDefend - ok
15:59:39.0318 1164 WinHttpAutoProxySvc - ok
15:59:39.0380 1164 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:59:39.0396 1164 Winmgmt - ok
15:59:39.0458 1164 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:59:39.0489 1164 WinRM - ok
15:59:39.0552 1164 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:59:39.0552 1164 WinUsb - ok
15:59:39.0583 1164 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:59:39.0599 1164 Wlansvc - ok
15:59:39.0614 1164 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:59:39.0614 1164 WmiAcpi - ok
15:59:39.0661 1164 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:59:39.0661 1164 wmiApSrv - ok
15:59:39.0692 1164 WMPNetworkSvc - ok
15:59:39.0708 1164 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:59:39.0708 1164 WPCSvc - ok
15:59:39.0755 1164 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:59:39.0770 1164 WPDBusEnum - ok
15:59:39.0801 1164 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:59:39.0801 1164 ws2ifsl - ok
|
|
01.02.2013, 16:11
| #8 |
| | TrojanDownloader:Win32/Adload.Da-Virus Hier der Rest Code:
ATTFilter 15:59:39.0833 1164 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:59:39.0833 1164 wscsvc - ok
15:59:39.0833 1164 WSearch - ok
15:59:39.0942 1164 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:59:39.0973 1164 wuauserv - ok
15:59:40.0020 1164 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:59:40.0020 1164 WudfPf - ok
15:59:40.0067 1164 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:59:40.0067 1164 WUDFRd - ok
15:59:40.0113 1164 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:59:40.0113 1164 wudfsvc - ok
15:59:40.0160 1164 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:59:40.0160 1164 WwanSvc - ok
15:59:40.0207 1164 [ 6AFFD75C6807B3DD3AB018E27B88EF95 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
15:59:40.0207 1164 yukonw7 - ok
15:59:40.0254 1164 ================ Scan global ===============================
15:59:40.0285 1164 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:59:40.0316 1164 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:59:40.0332 1164 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:59:40.0363 1164 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:59:40.0394 1164 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:59:40.0410 1164 [Global] - ok
15:59:40.0410 1164 ================ Scan MBR ==================================
15:59:40.0425 1164 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:59:40.0628 1164 \Device\Harddisk0\DR0 - ok
15:59:40.0644 1164 ================ Scan VBR ==================================
15:59:40.0644 1164 [ B075350F0E2E906626AFA655B02DEA20 ] \Device\Harddisk0\DR0\Partition1
15:59:40.0644 1164 \Device\Harddisk0\DR0\Partition1 - ok
15:59:40.0659 1164 [ 6DFC446AC7C7BF87F4EBC2D9F954570F ] \Device\Harddisk0\DR0\Partition2
15:59:40.0659 1164 \Device\Harddisk0\DR0\Partition2 - ok
15:59:40.0659 1164 ============================================================
15:59:40.0659 1164 Scan finished
15:59:40.0659 1164 ============================================================
15:59:40.0659 4572 Detected object count: 0
15:59:40.0659 4572 Actual detected object count: 0
16:00:10.0767 6856 ============================================================
16:00:10.0767 6856 Scan started
16:00:10.0767 6856 Mode: Manual; SigCheck; TDLFS;
16:00:10.0767 6856 ============================================================
16:00:11.0095 6856 ================ Scan system memory ========================
16:00:11.0095 6856 System memory - ok
16:00:11.0095 6856 ================ Scan services =============================
16:00:11.0672 6856 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:00:11.0860 6856 1394ohci - ok
16:00:12.0156 6856 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:00:12.0172 6856 ACDaemon - ok
16:00:12.0328 6856 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:00:12.0343 6856 ACPI - ok
16:00:12.0406 6856 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:00:13.0061 6856 AcpiPmi - ok
16:00:13.0217 6856 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:00:13.0232 6856 adp94xx - ok
16:00:13.0357 6856 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:00:13.0373 6856 adpahci - ok
16:00:13.0482 6856 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:00:13.0498 6856 adpu320 - ok
16:00:13.0544 6856 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:00:17.0226 6856 AeLookupSvc - ok
16:00:17.0398 6856 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:00:17.0507 6856 AFD - ok
16:00:17.0538 6856 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:00:17.0554 6856 agp440 - ok
16:00:17.0616 6856 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:00:17.0663 6856 ALG - ok
16:00:17.0694 6856 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:00:17.0710 6856 aliide - ok
16:00:17.0725 6856 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:00:17.0741 6856 amdide - ok
16:00:17.0803 6856 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:00:17.0850 6856 AmdK8 - ok
16:00:17.0928 6856 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:00:18.0006 6856 AmdPPM - ok
16:00:18.0053 6856 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:00:18.0068 6856 amdsata - ok
16:00:18.0131 6856 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:00:18.0146 6856 amdsbs - ok
16:00:18.0178 6856 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:00:18.0193 6856 amdxata - ok
16:00:18.0287 6856 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:00:18.0287 6856 AntiVirSchedulerService - ok
16:00:18.0365 6856 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:00:18.0380 6856 AntiVirService - ok
16:00:18.0474 6856 [ 1661F9C9E4B0049FA0A5E30264375A87 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
16:00:18.0490 6856 ApfiltrService - ok
16:00:18.0536 6856 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:00:22.0795 6856 AppID - ok
16:00:22.0858 6856 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:00:22.0967 6856 AppIDSvc - ok
16:00:23.0029 6856 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:00:23.0092 6856 Appinfo - ok
16:00:23.0123 6856 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:00:23.0138 6856 arc - ok
16:00:23.0170 6856 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:00:23.0185 6856 arcsas - ok
16:00:23.0216 6856 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
16:00:23.0232 6856 ArcSoftKsUFilter - ok
16:00:23.0248 6856 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:00:23.0310 6856 AsyncMac - ok
16:00:23.0341 6856 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:00:23.0357 6856 atapi - ok
16:00:23.0466 6856 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
16:00:23.0497 6856 athr - ok
16:00:23.0575 6856 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:00:23.0653 6856 AudioEndpointBuilder - ok
16:00:23.0669 6856 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:00:23.0731 6856 AudioSrv - ok
16:00:23.0762 6856 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
16:00:23.0778 6856 avgntflt - ok
16:00:23.0825 6856 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
16:00:23.0840 6856 avipbb - ok
16:00:23.0903 6856 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
16:00:23.0918 6856 avkmgr - ok
16:00:23.0965 6856 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:00:24.0028 6856 AxInstSV - ok
16:00:24.0059 6856 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:00:24.0090 6856 b06bdrv - ok
16:00:24.0199 6856 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:00:24.0277 6856 b57nd60a - ok
16:00:24.0340 6856 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:00:24.0386 6856 BDESVC - ok
16:00:24.0418 6856 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:00:24.0480 6856 Beep - ok
16:00:24.0527 6856 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:00:24.0574 6856 BFE - ok
16:00:24.0636 6856 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:00:24.0730 6856 BITS - ok
16:00:24.0761 6856 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
16:00:24.0792 6856 blbdrive - ok
16:00:24.0839 6856 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:00:24.0917 6856 bowser - ok
16:00:25.0010 6856 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:00:25.0198 6856 BrFiltLo - ok
16:00:25.0213 6856 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:00:25.0229 6856 BrFiltUp - ok
16:00:25.0322 6856 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:00:25.0385 6856 Browser - ok
16:00:25.0494 6856 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:00:25.0588 6856 Brserid - ok
16:00:25.0666 6856 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:00:25.0712 6856 BrSerWdm - ok
16:00:25.0728 6856 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:00:25.0790 6856 BrUsbMdm - ok
16:00:25.0822 6856 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:00:25.0853 6856 BrUsbSer - ok
16:00:25.0931 6856 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
16:00:26.0009 6856 BthEnum - ok
16:00:26.0040 6856 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:00:26.0087 6856 BTHMODEM - ok
16:00:26.0118 6856 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:00:26.0165 6856 BthPan - ok
16:00:26.0352 6856 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:00:26.0430 6856 BTHPORT - ok
16:00:26.0492 6856 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:00:26.0570 6856 bthserv - ok
16:00:26.0602 6856 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:00:26.0648 6856 BTHUSB - ok
16:00:26.0726 6856 [ 6E04458E98DAF28826482E41A7A62DF5 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
16:00:26.0726 6856 btusbflt - ok
16:00:26.0804 6856 [ 4BDBDB86ABBA924E029FB2683BE7C505 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
16:00:26.0820 6856 btwaudio - ok
16:00:26.0914 6856 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
16:00:26.0929 6856 btwavdt - ok
16:00:27.0553 6856 [ 31DA517946FFE416442E864592548F8A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
16:00:27.0569 6856 btwdins - ok
16:00:27.0600 6856 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
16:00:27.0616 6856 btwl2cap - ok
16:00:27.0647 6856 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:00:27.0662 6856 btwrchid - ok
16:00:27.0694 6856 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:00:27.0772 6856 cdfs - ok
16:00:27.0896 6856 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
16:00:27.0959 6856 cdrom - ok
16:00:28.0006 6856 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:00:28.0068 6856 CertPropSvc - ok
16:00:28.0130 6856 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:00:28.0162 6856 circlass - ok
16:00:28.0224 6856 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:00:28.0240 6856 CLFS - ok
16:00:28.0708 6856 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:00:28.0723 6856 clr_optimization_v2.0.50727_32 - ok
16:00:29.0035 6856 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:00:29.0051 6856 clr_optimization_v2.0.50727_64 - ok
16:00:29.0472 6856 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:00:29.0488 6856 clr_optimization_v4.0.30319_32 - ok
16:00:29.0722 6856 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:00:29.0722 6856 clr_optimization_v4.0.30319_64 - ok
16:00:29.0815 6856 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
16:00:29.0862 6856 CmBatt - ok
16:00:29.0878 6856 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:00:29.0893 6856 cmdide - ok
16:00:29.0987 6856 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
16:00:30.0034 6856 CNG - ok
16:00:30.0096 6856 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:00:30.0112 6856 Compbatt - ok
16:00:30.0174 6856 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:00:30.0221 6856 CompositeBus - ok
16:00:30.0236 6856 COMSysApp - ok
16:00:30.0252 6856 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:00:30.0268 6856 crcdisk - ok
16:00:30.0377 6856 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:00:30.0455 6856 CryptSvc - ok
16:00:30.0486 6856 [ F02D7FD231AF76C69A8F09C619DEE384 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
16:00:30.0486 6856 ctxusbm - ok
16:00:30.0533 6856 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:00:30.0626 6856 DcomLaunch - ok
16:00:30.0767 6856 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:00:30.0814 6856 defragsvc - ok
16:00:30.0845 6856 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:00:30.0938 6856 DfsC - ok
16:00:31.0079 6856 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:00:31.0172 6856 Dhcp - ok
16:00:31.0204 6856 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:00:31.0282 6856 discache - ok
16:00:31.0313 6856 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:00:31.0328 6856 Disk - ok
16:00:31.0422 6856 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:00:31.0500 6856 Dnscache - ok
16:00:31.0547 6856 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:00:31.0640 6856 dot3svc - ok
16:00:31.0781 6856 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:00:31.0859 6856 DPS - ok
16:00:31.0921 6856 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:00:31.0968 6856 drmkaud - ok
16:00:32.0062 6856 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:00:32.0093 6856 DXGKrnl - ok
16:00:32.0140 6856 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:00:32.0218 6856 EapHost - ok
16:00:33.0154 6856 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:00:33.0232 6856 ebdrv - ok
16:00:33.0325 6856 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:00:33.0372 6856 EFS - ok
16:00:33.0653 6856 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:00:33.0746 6856 ehRecvr - ok
16:00:33.0809 6856 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:00:33.0856 6856 ehSched - ok
16:00:34.0074 6856 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:00:34.0090 6856 elxstor - ok
16:00:34.0168 6856 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:00:34.0214 6856 ErrDev - ok
16:00:34.0324 6856 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:00:34.0402 6856 EventSystem - ok
16:00:34.0651 6856 [ 51643EE2712D9212E1E53CA7E8D8EB4A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:00:34.0682 6856 EvtEng - ok
16:00:34.0760 6856 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:00:34.0823 6856 exfat - ok
16:00:34.0901 6856 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:00:34.0994 6856 fastfat - ok
16:00:35.0260 6856 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:00:35.0306 6856 Fax - ok
16:00:35.0338 6856 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:00:35.0353 6856 fdc - ok
16:00:35.0384 6856 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:00:35.0462 6856 fdPHost - ok
16:00:35.0478 6856 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:00:35.0556 6856 FDResPub - ok
16:00:35.0587 6856 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:00:35.0603 6856 FileInfo - ok
16:00:35.0634 6856 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:00:35.0696 6856 Filetrace - ok
16:00:35.0728 6856 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:00:35.0759 6856 flpydisk - ok
16:00:35.0884 6856 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:00:35.0899 6856 FltMgr - ok
16:00:36.0258 6856 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:00:36.0289 6856 FontCache - ok
16:00:36.0367 6856 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:00:36.0367 6856 FontCache3.0.0.0 - ok
16:00:36.0445 6856 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:00:36.0461 6856 FsDepends - ok
16:00:36.0492 6856 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:00:36.0508 6856 Fs_Rec - ok
16:00:36.0601 6856 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:00:36.0617 6856 fvevol - ok
16:00:36.0695 6856 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:00:36.0695 6856 gagp30kx - ok
16:00:36.0913 6856 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:00:36.0991 6856 gpsvc - ok
16:00:37.0178 6856 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:00:37.0194 6856 gupdate - ok
16:00:37.0225 6856 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:00:37.0272 6856 hcw85cir - ok
16:00:37.0397 6856 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:00:37.0459 6856 HdAudAddService - ok
16:00:37.0522 6856 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:00:37.0568 6856 HDAudBus - ok
16:00:37.0600 6856 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:00:37.0662 6856 HidBatt - ok
16:00:37.0678 6856 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:00:37.0740 6856 HidBth - ok
16:00:37.0771 6856 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:00:37.0802 6856 HidIr - ok
16:00:37.0849 6856 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:00:37.0912 6856 hidserv - ok
16:00:37.0990 6856 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:00:38.0005 6856 HidUsb - ok
16:00:38.0068 6856 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:00:38.0146 6856 hkmsvc - ok
16:00:38.0224 6856 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:00:38.0270 6856 HomeGroupListener - ok
16:00:38.0364 6856 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:00:38.0411 6856 HomeGroupProvider - ok
16:00:38.0489 6856 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:00:38.0489 6856 HpSAMD - ok
16:00:38.0738 6856 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:00:38.0816 6856 HTTP - ok
16:00:38.0863 6856 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:00:38.0879 6856 hwpolicy - ok
16:00:38.0957 6856 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:00:38.0972 6856 i8042prt - ok
16:00:39.0253 6856 [ 660BF3255A1EB18ED803FD2FBA6AE400 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:00:39.0269 6856 IAANTMON - ok
16:00:39.0394 6856 [ BE7D72FCF442C26975942007E0831241 ] iaStor C:\Windows\system32\drivers\iaStor.sys
16:00:39.0425 6856 iaStor - ok
16:00:39.0550 6856 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:00:39.0581 6856 iaStorV - ok
16:00:39.0893 6856 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:00:39.0908 6856 idsvc - ok
16:00:39.0986 6856 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:00:40.0002 6856 iirsp - ok
16:00:40.0314 6856 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:00:40.0392 6856 IKEEXT - ok
16:00:40.0454 6856 [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd C:\Windows\system32\drivers\Impcd.sys
16:00:40.0517 6856 Impcd - ok
16:00:41.0250 6856 [ 2E3B99E8C23BE2BF32EBE1DB5261F275 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:00:41.0297 6856 IntcAzAudAddService - ok
16:00:41.0344 6856 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:00:41.0359 6856 intelide - ok
16:00:41.0422 6856 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
16:00:41.0453 6856 intelppm - ok
16:00:41.0531 6856 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:00:41.0609 6856 IPBusEnum - ok
16:00:41.0671 6856 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:00:41.0734 6856 IpFilterDriver - ok
16:00:41.0905 6856 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:00:42.0030 6856 iphlpsvc - ok
16:00:42.0092 6856 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:00:42.0108 6856 IPMIDRV - ok
16:00:42.0170 6856 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:00:42.0248 6856 IPNAT - ok
16:00:42.0373 6856 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:00:43.0091 6856 IRENUM - ok
16:00:43.0138 6856 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:00:43.0153 6856 isapnp - ok
16:00:43.0262 6856 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:00:43.0294 6856 iScsiPrt - ok
16:00:43.0356 6856 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
16:00:43.0356 6856 IviRegMgr - ok
16:00:43.0387 6856 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:00:43.0403 6856 kbdclass - ok
16:00:43.0418 6856 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:00:43.0465 6856 kbdhid - ok
16:00:43.0512 6856 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:00:43.0528 6856 KeyIso - ok
16:00:43.0590 6856 [ 322CD7A01A961D94C6EAB640D6427504 ] KOBCCEX C:\Windows\system32\drivers\KOBCCEX.sys
16:00:43.0637 6856 KOBCCEX - ok
16:00:43.0668 6856 [ 000200AD75DE8363546EECAFF77980FE ] KOBCCID C:\Windows\system32\drivers\KOBCCID.sys
16:00:43.0715 6856 KOBCCID - ok
16:00:43.0793 6856 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:00:43.0808 6856 KSecDD - ok
16:00:43.0886 6856 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:00:43.0902 6856 KSecPkg - ok
16:00:43.0964 6856 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:00:44.0042 6856 ksthunk - ok
16:00:44.0214 6856 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:00:44.0292 6856 KtmRm - ok
16:00:44.0386 6856 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:00:44.0464 6856 LanmanServer - ok
16:00:44.0510 6856 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:00:44.0557 6856 LanmanWorkstation - ok
16:00:44.0588 6856 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:00:44.0651 6856 lltdio - ok
16:00:44.0698 6856 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:00:44.0729 6856 lltdsvc - ok
16:00:44.0760 6856 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:00:44.0791 6856 lmhosts - ok
16:00:44.0822 6856 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:00:44.0838 6856 LSI_FC - ok
16:00:44.0854 6856 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:00:44.0869 6856 LSI_SAS - ok
16:00:44.0900 6856 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:00:44.0916 6856 LSI_SAS2 - ok
16:00:44.0932 6856 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:00:44.0947 6856 LSI_SCSI - ok
16:00:44.0978 6856 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:00:45.0056 6856 luafv - ok
16:00:45.0103 6856 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:00:45.0134 6856 Mcx2Svc - ok
16:00:45.0150 6856 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
16:00:45.0150 6856 megasas - ok
16:00:45.0181 6856 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:00:45.0181 6856 MegaSR - ok
16:00:45.0228 6856 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:00:45.0290 6856 MMCSS - ok
16:00:45.0306 6856 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:00:45.0384 6856 Modem - ok
16:00:45.0400 6856 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:00:45.0431 6856 monitor - ok
16:00:45.0462 6856 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:00:45.0478 6856 mouclass - ok
16:00:45.0509 6856 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:00:45.0540 6856 mouhid - ok
16:00:45.0587 6856 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:00:45.0602 6856 mountmgr - ok
16:00:45.0634 6856 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:00:45.0649 6856 MozillaMaintenance - ok
16:00:45.0696 6856 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:00:45.0712 6856 mpio - ok
16:00:45.0743 6856 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:00:45.0790 6856 mpsdrv - ok
16:00:45.0852 6856 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:00:45.0914 6856 MpsSvc - ok
16:00:45.0992 6856 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:00:46.0024 6856 MRxDAV - ok
16:00:46.0102 6856 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:00:46.0148 6856 mrxsmb - ok
16:00:46.0242 6856 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:00:46.0273 6856 mrxsmb10 - ok
16:00:46.0304 6856 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:00:46.0320 6856 mrxsmb20 - ok
16:00:46.0351 6856 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:00:46.0351 6856 msahci - ok
16:00:46.0382 6856 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:00:46.0398 6856 msdsm - ok
16:00:46.0414 6856 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:00:46.0429 6856 MSDTC - ok
16:00:46.0460 6856 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:00:46.0507 6856 Msfs - ok
16:00:46.0523 6856 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:00:46.0570 6856 mshidkmdf - ok
16:00:46.0616 6856 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:00:46.0632 6856 msisadrv - ok
16:00:46.0663 6856 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:00:46.0726 6856 MSiSCSI - ok
16:00:46.0741 6856 msiserver - ok
16:00:46.0757 6856 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:00:46.0819 6856 MSKSSRV - ok
16:00:46.0850 6856 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:00:46.0897 6856 MSPCLOCK - ok
16:00:46.0928 6856 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:00:46.0975 6856 MSPQM - ok
16:00:47.0038 6856 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:00:47.0053 6856 MsRPC - ok
16:00:47.0116 6856 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:00:47.0116 6856 mssmbios - ok
16:00:47.0147 6856 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:00:47.0209 6856 MSTEE - ok
16:00:47.0225 6856 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:00:47.0240 6856 MTConfig - ok
16:00:47.0256 6856 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:00:47.0272 6856 Mup - ok
16:00:47.0318 6856 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:00:47.0381 6856 napagent - ok
16:00:47.0474 6856 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:00:47.0506 6856 NativeWifiP - ok
16:00:47.0599 6856 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:00:47.0630 6856 NDIS - ok
16:00:47.0646 6856 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:00:47.0693 6856 NdisCap - ok
16:00:47.0708 6856 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:00:47.0755 6856 NdisTapi - ok
16:00:47.0802 6856 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:00:47.0864 6856 Ndisuio - ok
16:00:47.0927 6856 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:00:47.0974 6856 NdisWan - ok
16:00:48.0020 6856 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:00:48.0083 6856 NDProxy - ok
16:00:48.0114 6856 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:00:48.0176 6856 NetBIOS - ok
16:00:48.0223 6856 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:00:48.0270 6856 NetBT - ok
16:00:48.0301 6856 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:00:48.0317 6856 Netlogon - ok
16:00:48.0395 6856 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:00:48.0457 6856 Netman - ok
16:00:48.0504 6856 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:00:48.0551 6856 netprofm - ok
16:00:48.0598 6856 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:00:48.0613 6856 NetTcpPortSharing - ok
16:00:48.0863 6856 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
16:00:49.0003 6856 NETw5s64 - ok
16:00:49.0034 6856 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:00:49.0050 6856 nfrd960 - ok
16:00:49.0081 6856 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:00:49.0112 6856 NlaSvc - ok
16:00:49.0128 6856 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:00:49.0159 6856 Npfs - ok
16:00:49.0206 6856 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:00:49.0268 6856 nsi - ok
16:00:49.0284 6856 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:00:49.0346 6856 nsiproxy - ok
16:00:49.0456 6856 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:00:49.0487 6856 Ntfs - ok
16:00:49.0502 6856 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:00:49.0565 6856 Null - ok
16:00:49.0612 6856 [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:00:49.0643 6856 NVHDA - ok
16:00:50.0080 6856 [ CA8447574E9DAE22250C723819D3EF96 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:00:50.0298 6856 nvlddmkm - ok
16:00:50.0360 6856 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:00:50.0376 6856 nvraid - ok
16:00:50.0438 6856 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:00:50.0454 6856 nvstor - ok
16:00:50.0516 6856 [ AD1E49BCEB5D446A271C43BFA8FD71D2 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:00:50.0532 6856 nvsvc - ok
16:00:50.0548 6856 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:00:50.0563 6856 nv_agp - ok
16:00:50.0594 6856 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:00:50.0641 6856 ohci1394 - ok
16:00:50.0688 6856 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:00:50.0704 6856 ose - ok
16:00:50.0906 6856 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:00:51.0031 6856 osppsvc - ok
16:00:51.0094 6856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:00:51.0109 6856 p2pimsvc - ok
16:00:51.0187 6856 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:00:51.0203 6856 p2psvc - ok
16:00:51.0218 6856 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:00:51.0234 6856 Parport - ok
16:00:51.0281 6856 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:00:51.0281 6856 partmgr - ok
16:00:51.0328 6856 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:00:51.0359 6856 PcaSvc - ok
16:00:51.0437 6856 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:00:51.0452 6856 pci - ok
16:00:51.0468 6856 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:00:51.0484 6856 pciide - ok
16:00:51.0499 6856 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:00:51.0530 6856 pcmcia - ok
16:00:51.0546 6856 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:00:51.0562 6856 pcw - ok
16:00:51.0608 6856 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:00:51.0686 6856 PEAUTH - ok
16:00:51.0796 6856 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:00:51.0827 6856 PerfHost - ok
16:00:51.0952 6856 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:00:52.0014 6856 pla - ok
16:00:52.0061 6856 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:00:52.0076 6856 PlugPlay - ok
16:00:52.0186 6856 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
16:00:52.0201 6856 PMBDeviceInfoProvider - ok
16:00:52.0232 6856 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:00:52.0264 6856 PNRPAutoReg - ok
16:00:52.0295 6856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:00:52.0310 6856 PNRPsvc - ok
16:00:52.0342 6856 [ B8D8EC78B0F9ED8E220506181274F3D3 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
16:00:52.0357 6856 Point64 - ok
16:00:52.0404 6856 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:00:52.0466 6856 PolicyAgent - ok
16:00:52.0544 6856 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:00:52.0607 6856 Power - ok
16:00:52.0638 6856 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:00:52.0685 6856 PptpMiniport - ok
16:00:52.0716 6856 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:00:52.0732 6856 Processor - ok
16:00:52.0825 6856 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:00:52.0872 6856 ProfSvc - ok
16:00:52.0903 6856 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:00:52.0919 6856 ProtectedStorage - ok
16:00:52.0950 6856 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:00:53.0012 6856 Psched - ok
16:00:53.0044 6856 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:00:53.0044 6856 PSI_SVC_2 - ok
16:00:53.0075 6856 [ AED797CCA02783296C68AA10D0CFF8A9 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
16:00:53.0090 6856 PxHlpa64 - ok
16:00:53.0153 6856 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:00:53.0200 6856 ql2300 - ok
16:00:53.0246 6856 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:00:53.0262 6856 ql40xx - ok
16:00:53.0309 6856 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:00:53.0324 6856 QWAVE - ok
16:00:53.0340 6856 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:00:53.0371 6856 QWAVEdrv - ok
16:00:53.0387 6856 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:00:53.0434 6856 RasAcd - ok
16:00:53.0496 6856 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:00:53.0527 6856 RasAgileVpn - ok
16:00:53.0543 6856 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:00:53.0574 6856 RasAuto - ok
16:00:53.0636 6856 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:00:53.0714 6856 Rasl2tp - ok
16:00:53.0761 6856 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:00:53.0824 6856 RasMan - ok
16:00:53.0870 6856 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:00:53.0902 6856 RasPppoe - ok
16:00:53.0948 6856 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:00:53.0995 6856 RasSstp - ok
16:00:54.0104 6856 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:00:54.0182 6856 rdbss - ok
16:00:54.0214 6856 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:00:54.0276 6856 rdpbus - ok
16:00:54.0292 6856 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:00:54.0338 6856 RDPCDD - ok
16:00:54.0370 6856 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:00:54.0432 6856 RDPENCDD - ok
16:00:54.0448 6856 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:00:54.0494 6856 RDPREFMP - ok
16:00:54.0541 6856 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:00:54.0557 6856 RDPWD - ok
16:00:54.0588 6856 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:00:54.0619 6856 rdyboost - ok
16:00:54.0619 6856 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys
16:00:54.0635 6856 regi - ok
16:00:54.0760 6856 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:00:54.0791 6856 RegSrvc - ok
16:00:54.0822 6856 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:00:54.0869 6856 RemoteAccess - ok
16:00:54.0900 6856 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:00:54.0947 6856 RemoteRegistry - ok
16:00:54.0978 6856 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:00:55.0009 6856 RFCOMM - ok
16:00:55.0056 6856 [ 5CA4ABD888B602551B59BAA26941C167 ] rimspci C:\Windows\system32\drivers\rimssne64.sys
16:00:55.0103 6856 rimspci - ok
16:00:55.0118 6856 [ BB6E138AEB351728959DA5E2731D8140 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
16:00:55.0134 6856 risdsnpe - ok
16:00:55.0212 6856 [ D151224BC11078895A60FA970728FF59 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
16:00:55.0228 6856 Roxio UPnP Renderer 10 - ok
16:00:55.0259 6856 [ 5022A927944878BD750960BD21E751AF ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
16:00:55.0274 6856 Roxio Upnp Server 10 - ok
16:00:55.0321 6856 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:00:55.0399 6856 RpcEptMapper - ok
16:00:55.0415 6856 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:00:55.0462 6856 RpcLocator - ok
16:00:55.0540 6856 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:00:55.0586 6856 RpcSs - ok
16:00:55.0618 6856 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:00:55.0664 6856 rspndr - ok
16:00:55.0696 6856 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:00:55.0711 6856 SamSs - ok
16:00:55.0758 6856 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:00:55.0774 6856 sbp2port - ok
16:00:55.0836 6856 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:00:55.0914 6856 SCardSvr - ok
16:00:55.0945 6856 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:00:56.0008 6856 scfilter - ok
16:00:56.0101 6856 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:00:56.0148 6856 Schedule - ok
16:00:56.0195 6856 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:00:56.0242 6856 SCPolicySvc - ok
16:00:56.0304 6856 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
16:00:56.0335 6856 sdbus - ok
16:00:56.0382 6856 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:00:56.0413 6856 SDRSVC - ok
16:00:56.0444 6856 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:00:56.0507 6856 secdrv - ok
16:00:56.0554 6856 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:00:56.0632 6856 seclogon - ok
16:00:56.0663 6856 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:00:56.0710 6856 SENS - ok
16:00:56.0725 6856 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:00:56.0741 6856 SensrSvc - ok
16:00:56.0756 6856 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
16:00:56.0803 6856 Serenum - ok
16:00:56.0834 6856 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
16:00:56.0866 6856 Serial - ok
16:00:56.0912 6856 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:00:56.0944 6856 sermouse - ok
16:00:56.0990 6856 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:00:57.0053 6856 SessionEnv - ok
16:00:57.0084 6856 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\drivers\SFEP.sys
16:00:57.0131 6856 SFEP - ok
16:00:57.0178 6856 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:00:57.0209 6856 sffdisk - ok
16:00:57.0224 6856 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:00:57.0256 6856 sffp_mmc - ok
16:00:57.0271 6856 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:00:57.0302 6856 sffp_sd - ok
16:00:57.0349 6856 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:00:57.0365 6856 sfloppy - ok
16:00:57.0412 6856 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:00:57.0490 6856 SharedAccess - ok
16:00:57.0568 6856 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:00:57.0614 6856 ShellHWDetection - ok
16:00:57.0630 6856 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:00:57.0646 6856 SiSRaid2 - ok
16:00:57.0661 6856 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:00:57.0677 6856 SiSRaid4 - ok
16:00:57.0755 6856 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:00:57.0770 6856 SkypeUpdate - ok
16:00:57.0817 6856 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:00:57.0880 6856 Smb - ok
16:00:57.0911 6856 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:00:57.0958 6856 SNMPTRAP - ok
16:00:58.0036 6856 [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
16:00:58.0051 6856 SOHCImp - ok
16:00:58.0067 6856 [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
16:00:58.0067 6856 SOHDBSvr - ok
16:00:58.0114 6856 [ 556681BE668D71DC162391A45422B52C ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
16:00:58.0129 6856 SOHDms - ok
16:00:58.0145 6856 [ 72B46103E4111439109ACF5882627C24 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
16:00:58.0145 6856 SOHDs - ok
16:00:58.0160 6856 [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
16:00:58.0176 6856 SOHPlMgr - ok
16:00:58.0207 6856 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:00:58.0223 6856 spldr - ok
16:00:58.0301 6856 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:00:58.0316 6856 Spooler - ok
16:00:58.0488 6856 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:00:58.0613 6856 sppsvc - ok
16:00:58.0644 6856 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:00:58.0706 6856 sppuinotify - ok
16:00:58.0753 6856 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:00:58.0816 6856 srv - ok
16:00:58.0847 6856 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:00:58.0878 6856 srv2 - ok
16:00:58.0909 6856 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:00:58.0925 6856 srvnet - ok
16:00:58.0987 6856 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:00:59.0065 6856 SSDPSRV - ok
16:00:59.0081 6856 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:00:59.0128 6856 SstpSvc - ok
16:00:59.0143 6856 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:00:59.0159 6856 stexstor - ok
16:00:59.0190 6856 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:00:59.0221 6856 StillCam - ok
16:00:59.0284 6856 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:00:59.0346 6856 stisvc - ok
16:00:59.0377 6856 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:00:59.0377 6856 swenum - ok
16:00:59.0455 6856 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:00:59.0533 6856 swprv - ok
16:00:59.0611 6856 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:00:59.0674 6856 SysMain - ok
16:00:59.0736 6856 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:00:59.0767 6856 TabletInputService - ok
16:00:59.0798 6856 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:00:59.0845 6856 TapiSrv - ok
16:00:59.0892 6856 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:00:59.0954 6856 TBS - ok
16:01:00.0032 6856 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:01:00.0095 6856 Tcpip - ok
16:01:00.0110 6856 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:01:00.0173 6856 TCPIP6 - ok
16:01:00.0220 6856 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:01:00.0235 6856 tcpipreg - ok
16:01:00.0266 6856 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:01:00.0282 6856 TDPIPE - ok
16:01:00.0344 6856 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:01:00.0360 6856 TDTCP - ok
16:01:00.0407 6856 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:01:00.0469 6856 tdx - ok
16:01:00.0485 6856 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:01:00.0500 6856 TermDD - ok
16:01:00.0578 6856 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:01:00.0641 6856 TermService - ok
16:01:00.0672 6856 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:01:00.0719 6856 Themes - ok
16:01:00.0750 6856 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:01:00.0797 6856 THREADORDER - ok
16:01:00.0828 6856 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:01:00.0890 6856 TrkWks - ok
16:01:00.0953 6856 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:01:01.0000 6856 TrustedInstaller - ok
16:01:01.0046 6856 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:01:01.0093 6856 tssecsrv - ok
16:01:01.0156 6856 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:01:01.0171 6856 TsUsbFlt - ok
16:01:01.0218 6856 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:01:01.0280 6856 tunnel - ok
16:01:01.0327 6856 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:01:01.0327 6856 uagp35 - ok
16:01:01.0390 6856 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
16:01:01.0390 6856 uCamMonitor - ok
16:01:01.0452 6856 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:01:01.0514 6856 udfs - ok
16:01:01.0561 6856 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:01:01.0577 6856 UI0Detect - ok
16:01:01.0592 6856 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:01:01.0608 6856 uliagpkx - ok
16:01:01.0639 6856 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
16:01:01.0670 6856 umbus - ok
16:01:01.0686 6856 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:01:01.0702 6856 UmPass - ok
16:01:01.0733 6856 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:01:01.0795 6856 upnphost - ok
16:01:01.0811 6856 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:01:01.0842 6856 usbccgp - ok
16:01:01.0873 6856 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:01:01.0889 6856 usbcir - ok
16:01:01.0936 6856 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:01:01.0967 6856 usbehci - ok
16:01:01.0998 6856 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:01:02.0029 6856 usbhub - ok
16:01:02.0060 6856 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:01:02.0076 6856 usbohci - ok
16:01:02.0107 6856 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:01:02.0138 6856 usbprint - ok
16:01:02.0154 6856 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:01:02.0170 6856 USBSTOR - ok
16:01:02.0185 6856 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:01:02.0216 6856 usbuhci - ok
16:01:02.0279 6856 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:01:02.0294 6856 usbvideo - ok
16:01:02.0341 6856 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:01:02.0404 6856 UxSms - ok
16:01:02.0497 6856 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
16:01:02.0513 6856 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
16:01:02.0513 6856 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
16:01:02.0560 6856 [ 6B31C9CB94927DBEEB62E15275F4CC54 ] VAIO Event Service C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
16:01:02.0575 6856 VAIO Event Service - ok
16:01:02.0731 6856 [ B8C9A7010AFD5CBBE194CB9EF7C4FD14 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
16:01:02.0747 6856 VAIO Power Management - ok
16:01:02.0778 6856 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:01:02.0794 6856 VaultSvc - ok
16:01:02.0903 6856 [ 6A740F5FF3246C3BE3DD317299EFC88E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
16:01:02.0918 6856 VCFw - ok
16:01:02.0996 6856 [ 10E212BFB7EAB152A64C1AAEC2F7F4E0 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
16:01:03.0012 6856 VcmIAlzMgr - ok
16:01:03.0090 6856 [ 9D9B34B430B4DC683112F59C80D20AB8 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
16:01:03.0106 6856 VcmINSMgr - ok
16:01:03.0184 6856 [ 8EFAACCC7BFA1E9031EFDFB01A1B0D69 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
16:01:03.0199 6856 VcmXmlIfHelper - ok
16:01:03.0230 6856 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
16:01:03.0246 6856 VCService - ok
16:01:03.0308 6856 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:01:03.0324 6856 vdrvroot - ok
16:01:03.0402 6856 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:01:03.0464 6856 vds - ok
16:01:03.0511 6856 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:01:03.0542 6856 vga - ok
16:01:03.0558 6856 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:01:03.0605 6856 VgaSave - ok
16:01:03.0667 6856 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:01:03.0683 6856 vhdmp - ok
16:01:03.0745 6856 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:01:03.0745 6856 viaide - ok
16:01:03.0776 6856 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:01:03.0792 6856 volmgr - ok
16:01:03.0870 6856 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:01:03.0886 6856 volmgrx - ok
16:01:03.0979 6856 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:01:03.0995 6856 volsnap - ok
16:01:04.0010 6856 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:01:04.0026 6856 vsmraid - ok
16:01:04.0088 6856 [ 047F22BDFDAE6DF6F1E47E747A1237A2 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
16:01:04.0120 6856 VSNService ( UnsignedFile.Multi.Generic ) - warning
16:01:04.0120 6856 VSNService - detected UnsignedFile.Multi.Generic (1)
16:01:04.0182 6856 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:01:04.0260 6856 VSS - ok
16:01:04.0369 6856 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
16:01:04.0416 6856 VUAgent - ok
16:01:04.0432 6856 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:01:04.0463 6856 vwifibus - ok
16:01:04.0478 6856 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:01:04.0510 6856 vwififlt - ok
16:01:04.0525 6856 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:01:04.0556 6856 vwifimp - ok
16:01:04.0588 6856 [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
16:01:04.0588 6856 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
16:01:04.0588 6856 VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
16:01:04.0634 6856 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:01:04.0681 6856 W32Time - ok
16:01:04.0712 6856 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:01:04.0744 6856 WacomPen - ok
16:01:04.0790 6856 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:01:04.0853 6856 WANARP - ok
16:01:04.0853 6856 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:01:04.0915 6856 Wanarpv6 - ok
16:01:04.0978 6856 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:01:05.0009 6856 wbengine - ok
16:01:05.0056 6856 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:01:05.0071 6856 WbioSrvc - ok
16:01:05.0149 6856 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:01:05.0180 6856 wcncsvc - ok
16:01:05.0196 6856 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:01:05.0212 6856 WcsPlugInService - ok
16:01:05.0243 6856 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:01:05.0258 6856 Wd - ok
16:01:05.0321 6856 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:01:05.0336 6856 Wdf01000 - ok
16:01:05.0368 6856 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:01:05.0399 6856 WdiServiceHost - ok
16:01:05.0399 6856 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:01:05.0414 6856 WdiSystemHost - ok
16:01:05.0508 6856 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:01:05.0555 6856 WebClient - ok
16:01:05.0586 6856 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:01:05.0664 6856 Wecsvc - ok
16:01:05.0680 6856 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:01:05.0758 6856 wercplsupport - ok
16:01:05.0789 6856 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:01:05.0867 6856 WerSvc - ok
16:01:05.0914 6856 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:01:05.0960 6856 WfpLwf - ok
16:01:05.0976 6856 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:01:05.0992 6856 WIMMount - ok
16:01:06.0023 6856 WinDefend - ok
16:01:06.0038 6856 WinHttpAutoProxySvc - ok
16:01:06.0132 6856 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:01:06.0194 6856 Winmgmt - ok
16:01:06.0319 6856 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:01:06.0413 6856 WinRM - ok
16:01:06.0444 6856 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:01:06.0491 6856 WinUsb - ok
16:01:06.0569 6856 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:01:06.0616 6856 Wlansvc - ok
16:01:06.0647 6856 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:01:06.0678 6856 WmiAcpi - ok
16:01:06.0709 6856 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:01:06.0740 6856 wmiApSrv - ok
16:01:06.0756 6856 WMPNetworkSvc - ok
16:01:06.0772 6856 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:01:06.0787 6856 WPCSvc - ok
16:01:06.0834 6856 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:01:06.0850 6856 WPDBusEnum - ok
16:01:06.0881 6856 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:01:06.0959 6856 ws2ifsl - ok
16:01:06.0990 6856 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:01:07.0021 6856 wscsvc - ok
16:01:07.0037 6856 WSearch - ok
16:01:07.0240 6856 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:01:07.0286 6856 wuauserv - ok
16:01:07.0333 6856 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:01:07.0364 6856 WudfPf - ok
16:01:07.0380 6856 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:01:07.0427 6856 WUDFRd - ok
16:01:07.0474 6856 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:01:07.0489 6856 wudfsvc - ok
16:01:07.0552 6856 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:01:07.0598 6856 WwanSvc - ok
16:01:07.0692 6856 [ 6AFFD75C6807B3DD3AB018E27B88EF95 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
16:01:07.0739 6856 yukonw7 - ok
16:01:07.0754 6856 ================ Scan global ===============================
16:01:07.0786 6856 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:01:07.0848 6856 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:01:07.0848 6856 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:01:07.0879 6856 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:01:07.0926 6856 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:01:07.0926 6856 [Global] - ok
16:01:07.0926 6856 ================ Scan MBR ==================================
16:01:07.0942 6856 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:01:08.0285 6856 \Device\Harddisk0\DR0 - ok
16:01:08.0285 6856 ================ Scan VBR ==================================
16:01:08.0285 6856 [ B075350F0E2E906626AFA655B02DEA20 ] \Device\Harddisk0\DR0\Partition1
16:01:08.0285 6856 \Device\Harddisk0\DR0\Partition1 - ok
16:01:08.0316 6856 [ 6DFC446AC7C7BF87F4EBC2D9F954570F ] \Device\Harddisk0\DR0\Partition2
16:01:08.0316 6856 \Device\Harddisk0\DR0\Partition2 - ok
16:01:08.0316 6856 ============================================================
16:01:08.0316 6856 Scan finished
16:01:08.0316 6856 ============================================================
16:01:08.0332 5828 Detected object count: 3
16:01:08.0332 5828 Actual detected object count: 3
16:01:53.0369 5828 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:01:53.0369 5828 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:01:53.0369 5828 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
16:01:53.0369 5828 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:01:53.0369 5828 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:01:53.0369 5828 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
01.02.2013, 16:20
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TrojanDownloader:Win32/Adload.Da-Virus Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehalalrm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.02.2013, 16:47
| #10 |
| | TrojanDownloader:Win32/Adload.Da-VirusCode:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-01 16:45:24
-----------------------------
16:45:24.328 OS Version: Windows x64 6.1.7601 Service Pack 1
16:45:24.328 Number of processors: 4 586 0x2502
16:45:24.328 ComputerName: TANJA-VAIO UserName: Tanja
16:45:25.966 Initialize success
16:45:34.078 AVAST engine defs: 13020100
16:45:41.473 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:45:41.473 Disk 0 Vendor: SAMSUNG_ 2AC1 Size: 476940MB BusType: 3
16:45:41.473 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000067
16:45:41.473 Disk 1 Vendor: RICOH 02 Size: 476940MB BusType: 0
16:45:41.473 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000068
16:45:41.473 Disk 2 Vendor: RICOH 02 Size: 476940MB BusType: 0
16:45:41.520 Disk 0 MBR read successfully
16:45:41.520 Disk 0 MBR scan
16:45:41.520 Disk 0 Windows 7 default MBR code
16:45:41.551 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10939 MB offset 2048
16:45:41.582 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 22405120
16:45:41.598 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 465899 MB offset 22609920
16:45:41.629 Disk 0 scanning C:\Windows\system32\drivers
16:45:57.057 Service scanning
16:46:26.214 Modules scanning
16:46:26.214 Disk 0 trace - called modules:
16:46:26.245 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
16:46:26.245 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006e20060]
16:46:26.245 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8005212340]
16:46:26.261 5 ACPI.sys[fffff88000f837a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006025050]
16:46:26.261 Scan finished successfully
16:46:41.049 Disk 0 MBR has been saved successfully to "C:\Users\Tanja\Desktop\MBR.dat"
16:46:41.049 The log file has been saved successfully to "C:\Users\Tanja\Desktop\aswMBR.txt"
|
|
01.02.2013, 16:48
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TrojanDownloader:Win32/Adload.Da-Virus adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.02.2013, 18:38
| #12 |
| | TrojanDownloader:Win32/Adload.Da-VirusCode:
ATTFilter # AdwCleaner v2.109 - Datei am 01/02/2013 um 18:00:16 erstellt
# Aktualisiert am 26/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Tanja - TANJA-VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tanja\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\ProgramData\Partner
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v15.0.1 (de)
Datei : C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\6j3uywea.default\prefs.js
C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\6j3uywea.default\user.js ... Gelöscht !
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1107 octets] - [01/02/2013 18:00:16]
########## EOF - C:\AdwCleaner[S1].txt - [1167 octets] ##########
Code:
ATTFilter OTL Extras logfile created on: 01.02.2013 18:15:01 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tanja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,98 Gb Total Physical Memory | 4,23 Gb Available Physical Memory | 70,76% Memory free
11,96 Gb Paging File | 10,20 Gb Available in Paging File | 85,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,98 Gb Total Space | 231,71 Gb Free Space | 50,93% Space Free | Partition Type: NTFS
Computer Name: TANJA-VAIO | User Name: Tanja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10B442BD-DFB5-4E86-90E0-CFC90BC59E05}" = lport=10243 | protocol=6 | dir=in | app=system |
"{110645FA-BB19-46CF-B7A2-8E76DDB1CF21}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{21D03D28-EF68-4C13-AF4E-3CE0CAFA7D95}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{35F51B6B-CDCB-4D72-9260-E3826BFE3E16}" = lport=2869 | protocol=6 | dir=in | app=system |
"{37BE7AD7-3C1D-47C2-859D-F81BA53FDD0E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{516FCAD6-851D-433F-A983-8BBC3F689FC8}" = lport=138 | protocol=17 | dir=in | app=system |
"{5393DC26-67E3-44ED-90DE-BED9579C6F43}" = lport=445 | protocol=6 | dir=in | app=system |
"{57CB749C-D1C9-455E-A2EF-8D383ACBFA2D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{64A3E7FF-AB44-4A6C-AF59-51AD7E9F0D07}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{66D3BED6-D9F6-4D90-89D7-0E12F5AA90E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6E21C973-F5DB-4E1C-8978-FE6ECDBB83B0}" = rport=139 | protocol=6 | dir=out | app=system |
"{705BD42A-28C8-405A-99EB-4010E091D7D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7FD074BB-1DEC-4BA0-A01A-AE3594476FBD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8792BBE2-0F3C-4F06-A2C0-C08761A072D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A782875F-F385-4C91-98C9-1071FAF5306B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA5344F8-ACA1-48EE-88F0-0B62C5B42B42}" = rport=138 | protocol=17 | dir=out | app=system |
"{AD05BCE5-1478-451B-9A2F-8C6597DB278B}" = lport=139 | protocol=6 | dir=in | app=system |
"{B5272B77-9C94-4DCE-8A7C-5C5438DAC172}" = rport=445 | protocol=6 | dir=out | app=system |
"{C2BC52AF-0E86-4C60-8C0F-EA6E73A2D8A4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C2EDCCCF-BA4A-434C-B0C0-0858DBD773E8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3282030-F4D6-4EF7-BEA0-790885C55F04}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA7059A6-C12F-4933-BE23-9612DD136CC1}" = lport=137 | protocol=17 | dir=in | app=system |
"{DB4DF86F-03AD-4BD4-81D8-774BFEA7555E}" = rport=137 | protocol=17 | dir=out | app=system |
"{FE942CA7-A3FA-4350-95A6-7338163E41AC}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{158EA3F7-DDD6-4FAD-BBD8-5185250DDD08}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{18A0B89B-C0D0-4EA7-AE8C-86260A92AD4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18CAA21B-4C93-4AAC-98EF-11D80E91A59E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{240EAEB4-9657-4719-8005-776FCD37FD69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2DB0E936-E6FE-4609-B6E8-2566FEA183FB}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe |
"{3D65CA5B-1479-4BF7-8DE0-646294859A6A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{41CC3F14-262B-4484-BF28-C596DF83A90C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{42CE20A8-9C18-4739-8A50-2DD1B059E46F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{51FFC3B5-0A27-4B90-93E0-E3D136E793D7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5ACAE82E-8775-409E-8A67-12C96E66304D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{75C739D6-36AD-4310-B21A-D2ECEDA39B38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7FDD127F-7E9F-4A9C-B724-E02A6C7742C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{88CD3C6D-16EC-4165-9F1C-F20CA06BA962}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8B83A074-395D-4083-B12B-AD01CC148589}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{93078FBE-F6BD-4904-A012-DCBF649FF957}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{94174445-0B46-4AA2-A3C6-551545ACA17C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9848A389-B4FB-44E2-B43D-31175CA26D9F}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
"{A62F404F-835B-47DB-A5DC-F281B828099F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A65C2F8B-3A9D-4532-8EED-CFE8434DF34D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A7BC2CBC-BD4C-47BC-93D3-D229021EB9CD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A80C787D-7903-4511-A2DD-2F0A0281AFB3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B6C31C9C-027A-419E-A277-038F8DE0B8A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD07967F-E6F2-4866-B51D-F9C6C66B1BF4}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{C9B9BCDA-E0B2-41C9-9BA0-A8F829550C97}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EDEA445E-EE0A-4CBD-9448-F8BC2FB858A0}" = protocol=6 | dir=out | app=system |
"{F6329B86-F4A0-4ECE-BBFB-66D07D24A187}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{52762EA3-8084-4354-BD62-309285570374}C:\program files (x86)\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"TCP Query User{A0979C04-FDB8-468D-8BA5-6BF363EC93DA}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{CD410506-F9C7-4149-BDB1-0DD1B6921569}C:\program files (x86)\aom software\voris\fb\bin\fbserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aom software\voris\fb\bin\fbserver.exe |
"UDP Query User{1689C937-5DEF-4054-ADFB-6F5B1A0C3241}C:\program files (x86)\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe |
"UDP Query User{76A96D1E-8993-41C7-951A-1932A99B8800}C:\program files (x86)\aom software\voris\fb\bin\fbserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aom software\voris\fb\bin\fbserver.exe |
"UDP Query User{B4528A71-79F3-4EA7-A003-B5CE778750AD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series" = Canon MP980 series MP Drivers
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007C5268-FB1C-49B9-A5E7-37D66DE46B9C}" = Online Plug-in
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{2DE9C112-2482-4D27-AA90-1504DFD9F117}" = Citrix Authentication Manager
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{3ECA0079-088F-4E69-B66A-65D5E687B092}" = KOBIL Chipkartenterminal Treiber V2.2.11s Build: 20100615.1
"{43EF7CA8-0439-4677-BE6B-749B4562BBB6}" = KOBIL drivers x64x86 installation
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EC50898-E24A-4C0C-A1F2-A71A8DBF291F}" = Citrix Receiver Inside
"{8FA63AA5-7138-4B6F-8404-F18835E2B8F4}" = Media Gallery
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0791198-3F0C-4FB4-870C-5734C4CB5F16}" = Citrix Receiver (USB)
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8517496-CC0A-4539-A8D1-71A14A3FDF87}_is1" = VORIS 2011
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.3 - Deutsch
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B48A3CE4-2F1E-45EF-841A-C0A3C407EB0F}" = Self-Service Plug-in
"{B4D8A5FE-83C9-44AB-88C7-9AB30EFE482A}" = Citrix Receiver(Aero)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C7C7FA4B-40FF-4B4E-A566-1ABF8FAC38BB}" = Citrix Receiver (HDX Flash-Umleitung)
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D777101F-1708-46ED-916E-3BE885F78F55}" = Citrix Receiver (DV)
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon MP980 series Benutzerregistrierung" = Canon MP980 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"Google Chrome" = Google Chrome
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"MarketingTools" = VAIO Marketing Tools
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Professional 2010
"Smart card bundle_is1" = Smart card bundle 0.10
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.01.2013 18:29:02 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 31.01.2013 13:18:06 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
(Fehlercode = 0x80042000)
Error - 31.01.2013 13:18:06 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 01.02.2013 07:53:21 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
(Fehlercode = 0x80042000)
Error - 01.02.2013 07:53:22 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 01.02.2013 08:48:09 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.02.2013 08:48:09 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.02.2013 08:48:09 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.02.2013 08:48:09 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.02.2013 11:45:11 | Computer Name = Tanja-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: aswMBR.exe, Version: 0.9.9.1707,
Zeitstempel: 0x509be8bf Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002e3be ID des fehlerhaften
Prozesses: 0x1448 Startzeit der fehlerhaften Anwendung: 0x01ce0091cfa7b5a2 Pfad der
fehlerhaften Anwendung: C:\Users\Tanja\Desktop\aswMBR.exe Pfad des fehlerhaften
Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 5c12ad6c-6c86-11e2-b76a-54424911efca
Error - 01.02.2013 13:02:30 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
(Fehlercode = 0x80042000)
Error - 01.02.2013 13:02:30 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
[ System Events ]
Error - 01.02.2013 08:00:40 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.
Error - 01.02.2013 08:04:17 | Computer Name = Tanja-VAIO | Source = DCOM | ID = 10010
Description =
Error - 01.02.2013 08:04:29 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error - 01.02.2013 11:05:54 | Computer Name = Tanja-VAIO | Source = DCOM | ID = 10016
Description =
Error - 01.02.2013 13:02:26 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 01.02.2013 13:05:24 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Media plus Digital Media Server" wurde nicht richtig
gestartet.
Error - 01.02.2013 13:09:03 | Computer Name = Tanja-VAIO | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 01.02.2013 13:11:10 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.
Error - 01.02.2013 13:14:29 | Computer Name = Tanja-VAIO | Source = DCOM | ID = 10010
Description =
Error - 01.02.2013 13:14:29 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
< End of report >
Code:
ATTFilter OTL logfile created on: 01.02.2013 18:15:01 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tanja\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,98 Gb Total Physical Memory | 4,23 Gb Available Physical Memory | 70,76% Memory free 11,96 Gb Paging File | 10,20 Gb Available in Paging File | 85,25% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 454,98 Gb Total Space | 231,71 Gb Free Space | 50,93% Space Free | Partition Type: NTFS Computer Name: TANJA-VAIO | User Name: Tanja | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Tanja\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc.) PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.) PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) PRC - C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation) PRC - C:\Program Files (x86)\SONY\Media Gallery\ElbServer.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Personalization Manager\VpmLM.exe (Sony Corporation) PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Programme\Sony\VAIO Personalization Manager\sqlite3.dll () ========== Services (SafeList) ========== SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation) SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions) SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (KOBCCEX) -- C:\Windows\SysNative\drivers\KOBCCEX.sys (KOBIL Systems GmbH) DRV:64bit: - (KOBCCID) -- C:\Windows\SysNative\drivers\KOBCCID.sys (KOBIL Systems GmbH) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC) DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (regi) -- C:\Windows\SysWOW64\drivers\regi.sys (InterVideo) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes,DefaultScope = {4E74D889-955C-4EB7-A6C3-71D144E1F2C1} IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes\{4E74D889-955C-4EB7-A6C3-71D144E1F2C1}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes\{5AFF30F8-EBA6-47A0-8188-29499155AF38}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes\{6F18D802-A1E3-49EB-AA92-94EF5DAE0B42}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes\{F2BB138A-F4F7-45C1-A738-BF19D35757FD}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363 IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://flexnow3.uni-giessen.de/flexnow/index.html" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.7\npGoogleOneClick8.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.05 17:54:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.30 22:07:28 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.05 17:54:53 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.30 22:07:28 | 000,000,000 | ---D | M] [2010.10.07 09:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanja\AppData\Roaming\mozilla\Extensions [2012.11.19 18:39:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanja\AppData\Roaming\mozilla\Firefox\Profiles\6j3uywea.default\extensions [2012.09.04 14:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.06.20 16:07:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012.09.04 14:12:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.11.05 17:54:53 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.11.05 17:54:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.05 17:54:49 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.11.05 17:54:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.11.05 17:54:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.11.05 17:54:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.11.05 17:54:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (CtxIEInterceptorBHO Class) - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll (Citrix Systems, Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-724336481-3898033179-696243705-1000..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA) O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8ABCCEA5-814C-4A5F-9BAB-937AF458DA1D}: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB8C9484-BDD0-485F-9085-847F9BF303D0}: DhcpNameServer = 192.168.2.1 192.168.2.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found O18:64bit: - Protocol\Filter\ica - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.01 16:33:59 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Tanja\Desktop\aswMBR.exe [2013.02.01 15:57:12 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tanja\Desktop\tdsskiller.exe [2013.02.01 13:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.01 13:16:13 | 000,000,000 | ---D | C] -- C:\Users\Tanja\Desktop\mbar-1.01.0.1017 [2013.01.30 22:11:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tanja\Desktop\OTL.exe [2013.01.09 11:46:35 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013.01.09 11:46:35 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013.01.09 11:46:15 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013.01.09 11:46:14 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013.01.09 11:46:13 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013.01.09 11:46:13 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013.01.09 11:46:13 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013.01.09 11:46:13 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013.01.09 11:46:13 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013.01.09 11:46:13 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013.01.09 11:46:13 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013.01.09 11:46:13 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013.01.09 11:46:13 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013.01.09 11:46:13 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013.01.09 11:46:13 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013.01.09 11:46:13 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013.01.09 11:46:13 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013.01.09 11:46:13 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013.01.09 11:46:13 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013.01.09 11:46:13 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013.01.09 11:46:13 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013.01.09 11:46:13 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013.01.09 11:46:12 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013.01.09 11:46:12 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013.01.09 11:46:12 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013.01.09 11:46:12 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013.01.09 11:46:12 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013.01.09 11:46:12 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013.01.09 11:46:12 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013.01.09 11:46:12 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013.01.09 11:46:12 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013.01.09 11:46:12 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013.01.09 11:46:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013.01.09 11:46:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013.01.09 11:46:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013.01.09 11:46:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013.01.09 11:45:52 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013.01.09 11:45:52 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013.01.09 11:45:51 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013.01.09 11:45:51 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013.01.09 11:45:51 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013.01.09 11:45:51 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.01.09 11:45:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013.01.09 11:45:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.01.09 11:45:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013.01.09 11:45:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013.01.09 11:45:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013.01.09 11:45:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013.01.09 11:45:51 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.01.09 11:45:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.09 11:45:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.09 11:45:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.09 11:45:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013.01.09 11:45:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013.01.09 11:45:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013.01.09 11:45:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.01.09 11:45:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.01.09 11:45:50 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013.01.09 11:45:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.09 11:45:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.09 11:45:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.09 11:45:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013.01.09 11:45:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.09 11:45:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.09 11:45:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013.01.09 11:45:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013.01.09 11:45:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.01.09 11:45:31 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.02.01 18:21:54 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.01 18:21:54 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.01 18:02:25 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.01 18:02:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.01 18:02:09 | 522,784,767 | -HS- | M] () -- C:\hiberfil.sys [2013.02.01 17:58:42 | 000,580,235 | ---- | M] () -- C:\Users\Tanja\Desktop\adwcleaner.exe [2013.02.01 17:55:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.01 16:46:41 | 000,000,512 | ---- | M] () -- C:\Users\Tanja\Desktop\MBR.dat [2013.02.01 16:34:01 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Tanja\Desktop\aswMBR.exe [2013.02.01 15:57:26 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tanja\Desktop\tdsskiller.exe [2013.01.30 22:27:05 | 000,365,568 | ---- | M] () -- C:\Users\Tanja\Desktop\gmer_2.0.18454.exe [2013.01.30 22:11:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tanja\Desktop\OTL.exe [2013.01.30 22:10:31 | 000,000,000 | ---- | M] () -- C:\Users\Tanja\defogger_reenable [2013.01.30 22:07:28 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2013.01.29 10:28:24 | 000,050,477 | ---- | M] () -- C:\Users\Tanja\Desktop\Defogger.exe [2013.01.21 12:21:24 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.01.21 12:21:24 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.01.21 12:21:24 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.01.21 12:21:24 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.01.21 12:21:24 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.01.18 18:32:57 | 000,400,350 | ---- | M] () -- C:\test.xml [2013.01.12 17:03:10 | 000,462,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.01.09 17:07:25 | 005,379,340 | ---- | M] () -- C:\Users\Tanja\Desktop\A.P.EX_._ProAuPair_Auslandshandbuch2012Small[1].pdf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.02.01 17:58:35 | 000,580,235 | ---- | C] () -- C:\Users\Tanja\Desktop\adwcleaner.exe [2013.02.01 16:46:41 | 000,000,512 | ---- | C] () -- C:\Users\Tanja\Desktop\MBR.dat [2013.01.30 22:27:02 | 000,365,568 | ---- | C] () -- C:\Users\Tanja\Desktop\gmer_2.0.18454.exe [2013.01.30 22:10:31 | 000,000,000 | ---- | C] () -- C:\Users\Tanja\defogger_reenable [2013.01.29 10:28:20 | 000,050,477 | ---- | C] () -- C:\Users\Tanja\Desktop\Defogger.exe [2013.01.25 17:41:22 | 000,001,141 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk [2013.01.09 17:07:25 | 005,379,340 | ---- | C] () -- C:\Users\Tanja\Desktop\A.P.EX_._ProAuPair_Auslandshandbuch2012Small[1].pdf [2012.08.06 18:54:50 | 000,000,523 | ---- | C] () -- C:\Windows\eReg.dat [2011.12.19 07:38:25 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml [2011.06.03 10:54:37 | 000,000,355 | ---- | C] () -- C:\Users\Tanja\Netzwerk - Verknüpfung.lnk [2011.02.06 13:14:15 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.09.07 20:26:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
|
01.02.2013, 18:47
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TrojanDownloader:Win32/Adload.Da-Virus Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.02.2013, 20:48
| #14 |
| | TrojanDownloader:Win32/Adload.Da-VirusCode:
ATTFilter Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.02.01.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Tanja :: TANJA-VAIO [Administrator] 01.02.2013 19:07:18 mbam-log-2013-02-01 (19-07-18).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 215920 Laufzeit: 2 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=90ae6430137fc046bc671a3b5a608e57
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-01 07:44:20
# local_time=2013-02-01 08:44:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 97 12079 225171150 4843 0
# compatibility_mode=5893 16776573 100 94 13357 111377710 0 0
# scanned=220018
# found=0
# cleaned=0
# scan_time=5000
|
|
02.02.2013, 15:36
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TrojanDownloader:Win32/Adload.Da-Virus Sieht soweit ok aus Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu TrojanDownloader:Win32/Adload.Da-Virus |
| angezeigt, downloader, entferne, entfernen, ergebnisse, folge, folgendes, gmer, hoffe, inhalt, loader, thema, troja, trojandownloader, trojandownloader:win32/adload.da-virus, win, win32/adload.da-virus |
Linear-Darstellung
