"Sparkassentrojaner"

Grant · 31.05.2013, 14:31

Hallo zusammen!
Ich bin neu hier und möchte mich und mein Problem kurz vorstellen:
Ich bin 27 Jahre alt und habe von Computern/Lap Tops wenig Ahnung, deswegen wende ich mich auch an euch. Folgendes Problem ist heute aufgetreten:
Als ich mich wie gewohnt zum Online Banking anmelden wollte, kam die Aufforderung, eine "Testüberweisung" zu machen. Das kam mir komisch vor und ich habe daraufhin (zum Glück) bei der Sparkassen Hotline angerufen. Die Dame dort erzählte mir, dass mein Rechner mit einem Trojaner infiziert sei. Ich entgegnete ihr: "Nein, das kann nicht sein. Mein Rechner ist permanent von McAffee geschützt..."

Ich startete McAffee und ließ das System scannen. Irgendwann erschien dort die Meldung, dass ich einen Trojaner hätte und dieser gelöscht wurde, ich bräuchte mich um nichts weiter kümmern.

Meine Frage nun an euch, ist mein Rechner noch zu retten, ohne dass ich ihn formatieren muss?!
Habe ich wirklich irgendwelche Viren, Trojaner oder was auch immer?

Ich bin euch um jede hilfreiche Antwort dankbar.

LG, ein ahnungsloser User

cosinus · 31.05.2013, 14:37

Hallo und

Zitat:

Irgendwann erschien dort die Meldung, dass ich einen Trojaner hätte und dieser gelöscht wurde, ich bräuchte mich um nichts weiter kümmern.

Wo sind die Logs dazu?

Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner siehe http://www.trojaner-board.de/125889-...tml#post941520

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Grant · 31.05.2013, 14:43

Wie gesagt, ich habe wirklich keine Ahnung von der ganzen Materie und bin auf deine/eure Hilfe angewiesen... Wenn ich bei McAffee jetzt auf den Bericht vom letzten Scan klicke, steht da lediglich, dass 2 Trojaner gefunden wurden, mehr nicht.
Kannst du mir trotzdem iwie helfen?

cosinus · 31.05.2013, 14:47

Schau da mal nach was genau wo gefunden wurde.

Grant · 31.05.2013, 14:57

Sorry, mein Fehler, habe da doch etwas gefunden:

Auf ihrem Computer wurde mindestens ein Element entdeckt.

Entdeckungsname: RDN/Ransom!cp (Trojaner)

Datei: C:\USERS\GRANT\APPDATA\LOCAL\TEMP\tmp9bebc2da\68.exe

Prozess: C:\Program Files (x86)\Malwarebytes` Anti-Malware\mbam.exe

cosinus · 31.05.2013, 15:20

MBAM = Malwarebytes

Hast du da auch Logs von? Bitte alle Logs mit Funden posten!

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Erstmal eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in CODE-Tags in den Thread.

Grant · 31.05.2013, 15:34

Die Logs von Malwarebytes waren alle ohne Fund, willst du sie dann trotzdem haben?!
Ich habe deine Anleitung verstanden und beginne jetzt mit OTL.

Hier das Ergebnis von otl.txt:

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 31.05.2013 16:41:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Grant\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,97 Gb Total Physical Memory | 2,69 Gb Available Physical Memory | 67,80% Memory free
7,94 Gb Paging File | 5,37 Gb Available in Paging File | 67,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,76 Gb Total Space | 389,31 Gb Free Space | 86,75% Space Free | Partition Type: NTFS
 
Computer Name: GRANT-VAIO | User Name: Grant | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Grant\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Users\Grant\AppData\Roaming\Douh\syoni.exe (Sysinternals - www.sysinternals.com)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f878765b06a1d56b04f4bd23a9c60985\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McODS) -- C:\Programme\McAfee\virusscan\mcods.exe (McAfee, Inc.)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (DCDhcpService) -- C:\Programme\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe (Atheros Communication Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (Intel(R) -- c:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (MOBK649backup) -- C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe (McAfee, Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (McAWFwk) -- c:\Programme\McAfee\MSC\McAWFwk.exe (McAfee, Inc.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver.sys (Synaptics Incorporated)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (lehidmini) -- C:\Windows\SysNative\drivers\leath_hid.sys (Atheros)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_VDP) -- C:\Windows\SysNative\drivers\btath_vdp.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (MOBK649Filter) -- C:\Windows\SysNative\drivers\MOBK649.sys (Mozy, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2404110451-2394441783-2893451950-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKU\S-1-5-21-2404110451-2394441783-2893451950-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKU\S-1-5-21-2404110451-2394441783-2893451950-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bild.de/
IE - HKU\S-1-5-21-2404110451-2394441783-2893451950-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-2404110451-2394441783-2893451950-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2404110451-2394441783-2893451950-1001\..\SearchScopes\{23833CA6-1CF6-49ED-9F69-47A13EB628F3}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q212&_nkw={searchTerms}
IE - HKU\S-1-5-21-2404110451-2394441783-2893451950-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2404110451-2394441783-2893451950-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013.02.02 00:49:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.06.27 12:35:19 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\systemcore\ScriptSn.20120626204535.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120626204535.dll (McAfee, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [McAfeeWrapperApplication] C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2404110451-2394441783-2893451950-1001..\Run: [Adteipad] C:\Users\Grant\AppData\Roaming\Douh\syoni.exe (Sysinternals - www.sysinternals.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8D922B9-429C-4042-98BE-07997DD4065E}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.31 15:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.05.31 13:31:52 | 000,000,000 | ---D | C] -- C:\Users\Grant\AppData\Roaming\Malwarebytes
[2013.05.31 13:31:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.31 13:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.31 13:31:18 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.05.31 13:31:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.05.31 13:31:01 | 000,000,000 | ---D | C] -- C:\Users\Grant\AppData\Local\Programs
[2013.05.31 13:29:58 | 010,285,040 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Grant\Desktop\mbam-setup-1.75.0.1300.exe
[2013.05.31 12:11:56 | 000,000,000 | ---D | C] -- C:\Users\Grant\Desktop\Kristin
[2013.05.31 11:56:40 | 000,000,000 | ---D | C] -- C:\Users\Grant\AppData\Local\Macromedia
[2013.05.31 11:56:13 | 000,000,000 | ---D | C] -- C:\Users\Grant\AppData\Local\Mozilla
[2013.05.31 11:55:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.05.29 17:09:34 | 000,000,000 | ---D | C] -- C:\Users\Grant\AppData\Local\Diagnostics
[2013.05.19 20:14:30 | 000,000,000 | ---D | C] -- C:\Users\Grant\AppData\Roaming\Xiin
[2013.05.19 20:14:30 | 000,000,000 | ---D | C] -- C:\Users\Grant\AppData\Roaming\Douh
[2013.05.19 20:14:30 | 000,000,000 | ---D | C] -- C:\Users\Grant\AppData\Roaming\Axwein
[2013.05.17 10:54:39 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.17 10:54:38 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.17 10:54:38 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.17 10:54:37 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.17 10:54:37 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.17 10:54:37 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.17 10:54:37 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.17 10:54:37 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.17 10:54:37 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.17 10:54:37 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.17 10:54:37 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.17 10:54:36 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.17 10:54:34 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.17 10:54:34 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.17 10:54:33 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.16 17:57:31 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.16 17:57:31 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.16 17:57:11 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.16 17:57:11 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.16 17:57:06 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.16 17:57:05 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.16 17:56:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.31 16:17:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.31 15:26:46 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.31 15:26:46 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.31 15:18:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.31 15:18:26 | 3197,915,136 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.31 13:31:31 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.31 13:30:19 | 010,285,040 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Grant\Desktop\mbam-setup-1.75.0.1300.exe
[2013.05.18 11:07:30 | 000,303,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.17 10:58:20 | 001,636,028 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.17 10:58:20 | 000,697,322 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.17 10:58:20 | 000,652,600 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.17 10:58:20 | 000,148,328 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.17 10:58:20 | 000,121,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.15 18:17:54 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.15 18:17:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.31 13:31:31 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.18 11:54:53 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012.05.18 10:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.14 06:53:13 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.14 06:53:13 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.14 06:53:13 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.02.09 23:00:18 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2012.02.09 23:00:06 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

--- --- ---

und hier Extra.txt:

OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 31.05.2013 16:41:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Grant\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,97 Gb Total Physical Memory | 2,69 Gb Available Physical Memory | 67,80% Memory free
7,94 Gb Paging File | 5,37 Gb Available in Paging File | 67,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,76 Gb Total Space | 389,31 Gb Free Space | 86,75% Space Free | Partition Type: NTFS
 
Computer Name: GRANT-VAIO | User Name: Grant | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04BFF3BD-89EE-416D-BB3C-8B217EAFCFDD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{11A900DA-BDEA-43CE-8162-C50B0581CB11}" = lport=53 | protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\dcdhcpservice.exe | 
"{11B99030-2F83-498C-B716-6A6CE568B247}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{15F0C6EE-90EA-481F-9A24-3609FC913E18}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1BFF10F5-EBB7-47BB-8C64-82877D08C2E6}" = lport=80 | protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe | 
"{303A5049-3DC7-491F-A878-19D224B9FBBA}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{4485AB79-49D8-4760-A00D-57AB855D4B33}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{45A0BC0B-7614-404D-999D-F30242F5AC5A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{45DC1F87-FD8D-452C-80A5-B4D3FC72F9DE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{49C7C457-492D-45F7-A56F-4F50964DBA09}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{64BBD864-1D29-4F4B-97D8-B0A393D7A026}" = lport=138 | protocol=17 | dir=in | app=system | 
"{652E15CC-BE7C-4C04-8704-C1B4442DA94A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6AAAA9B2-A62B-496D-ADE1-3CA2F4BD96B8}" = lport=3880 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe | 
"{6B689053-DC45-4156-B75C-8B54C0D9433B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{887BED6E-DF30-4997-9EA9-E73FB7AE8FBB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{8917E33F-BD74-4D4A-A723-652A2A1AB092}" = lport=139 | protocol=6 | dir=in | app=system | 
"{8F02EEE8-D74D-4731-9224-EC975DD898CD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{9273198C-101C-4AFD-A4FD-D9AAADA3EC8D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{92915CB5-DD9C-4577-A3FB-0DAEF3A81BD9}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{95D1CD25-57F4-4A9D-9593-905E8737AE45}" = lport=137 | protocol=17 | dir=in | app=system | 
"{9B2E60D9-A4F4-4981-AFE9-2B61D985774C}" = lport=3888 | protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe | 
"{A11F788A-F336-4EB0-82EB-17723C485667}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{ACF65350-FCB0-4D30-902C-83185A6C0269}" = rport=138 | protocol=17 | dir=out | app=system | 
"{AF65C613-0527-4B76-B1CF-9027ADB827CE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B6BB9FCC-4A5E-4FC6-A797-740BEB94645A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{D36FFA39-2B00-4406-B6AD-B5EAA58A6DDA}" = rport=445 | protocol=6 | dir=out | app=system | 
"{D57429B6-C60D-425A-BE36-FEF40A796546}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D9147A55-B09C-4860-B83A-83F49B88430C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E5E532F9-E687-497C-AD25-3D4C192E7CDE}" = lport=3888 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe | 
"{FC9717BD-C878-4C4C-BED3-E2B26D7FB1C0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1084576D-F7CB-460F-8AFA-A9842595F3BB}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{1987256B-3300-42A2-AB3A-D32A6061159F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{1A717705-7560-478F-93AB-67E4A6ED8385}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{1C659DF8-6930-4DEE-82C4-528488879057}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{22DB078D-C914-4DC1-AC21-715D99E5A0E1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{249D725D-E4B1-48FF-8EBF-D29D16D9F8BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{30B82BA9-A044-4217-BB25-CFA7E679E991}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{46D14136-6A20-459F-96A1-E8531CCF6338}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4AA8002D-54FA-4C9C-BE9C-82CDC812D71F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4C000AC5-1DD0-47F9-B2FD-DAE998F24F54}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{4F59CED2-779D-4AFD-A10B-D4113897465C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{6028D16D-7C8A-4881-82DA-747997316DAB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7B006E9D-BDFC-4741-A1A4-EF7D49899D82}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{83650959-FF0B-47E7-B149-69E558CFA9E3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8373167D-4710-4CBF-9791-0A4AEFE567B4}" = protocol=6 | dir=out | app=system | 
"{87517343-99D1-4B5A-9762-855F6F948B11}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{9202289E-8067-4633-8061-890278DC53AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{99281D29-F33D-486D-81D8-0975A7C3BC60}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9B2E156E-68B8-44EF-BABE-146092E2321E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9DC9351C-03A7-4612-8DDC-7B9F94D44841}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B5982652-CD71-4B05-98BF-FACD85E2AEC7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B7259BB4-BFD7-492C-AC92-19B631FD765A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{C1B36B1A-4D21-43B9-A3D2-013E96741FA6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{C2C7E3EF-1A40-4206-BAE7-0952DFBECFE2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C3214E14-B62E-47CA-879E-C9B34E778AC7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CDC78245-34B8-44BE-BBD3-2372ED4F9B17}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DBD51435-8F9E-4E6A-B243-C71E619FCCDF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{E7E931B3-DF54-4D8D-BA49-C9D90C857EA8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{EB799568-A0B9-4E3E-ADD7-D02CEB8D75F1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | 
"{FAB1592A-E444-4EB0-B2F5-42E5C703EF50}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{FC014ADD-E76F-40EC-8DDE-7EF52D97F7C1}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{FC46CA80-E923-4210-816F-8455F9F91302}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{0EB7792D-EFA2-42AB-9A22-F33D9458E974}" = Media Gallery
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{34EB42BE-F4D3-44C1-B28E-9740115DB72C}" = VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}" = VAIO Care
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5212FB9D-C7A1-7BF4-9096-3DD48819F21D}" = McAfee Online Backup
"{549AD5FB-F52D-4307-864A-C0008FB35D96}" = VCCx64
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6CCD3595-D38B-4750-CF49-C6DDDAB5B355}" = ccc-utility64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}" = VAIO - PlayMemories Home Plug-in
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64
"{EBF1529E-D2D5-47CF-97EC-7D90CEF0FE04}" = AMD Catalyst Install Manager
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0363A571-BD40-C5E2-2573-92B60D93EE97}" = Catalyst Control Center InstallProxy
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" = 
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D4931AE-CD0A-B202-CA87-7E7DF1322D24}" = CCC Help Italian
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0E710CBA-8571-7C5C-68BA-47E1C34A6745}" = CCC Help Dutch
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Qualcomm Atheros Direct Connect
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F41EF61-A066-4EBF-84F8-21C1B317A780}" = VAIO - TrackID™ mit BRAVIA
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{45191C61-3D04-4D03-B78A-592DF13264CC}" = Windows Live Messenger
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{45F41392-ED69-D133-4F2B-3236C0ABF088}" = CCC Help Russian
"{4601C392-2281-0E26-01C5-F6AD044A0AB9}" = CCC Help German
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{5156C9BF-1C27-430B-96D8-7129F11699A8}" = VAIO Data Restore Tool
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6466EF6E-700E-470F-94CB-D0050302C84E}" = Remote Keyboard
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FD21053-829D-40E7-B04C-CAFB7D5CD025}" = KUx86
"{6FD7D12D-2E71-42F4-B0E9-3BD2010D6F07}" = Catalyst Control Center - Branding
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77911750-3B45-9927-43CE-96153D2E16B3}" = Catalyst Control Center Localization All
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7BF004A9-25FA-331C-0995-8198C9A9EE07}" = CCC Help Portuguese
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6B531E-0B45-6C2F-7649-B876E323B025}" = CCC Help French
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83F937CA-5775-606B-C0D1-879C9458B25F}" = CCC Help Danish
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{858B32BD-121C-4AC8-BD87-CE37C51C03E2}" = TrackID(TM) with BRAVIA
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{85C71DC0-F0FE-15EA-15E8-EE05059D04E9}" = CCC Help Thai
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CE152BA-1D16-11E1-867D-984BE15F174E}" = Evernote v. 4.5.2
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{8FCDAAE0-130C-EB8B-6F9D-B7F802B38E43}" = CCC Help Chinese Standard
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91AFB7F0-CF98-73B6-8FA9-958878EF65DE}" = CCC Help Chinese Traditional
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9306084B-53F6-33E3-3B6D-3C9485AB5C44}" = CCC Help Polish
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E536BEC-BD58-EA09-62B9-DC8BD889CBA6}" = CCC Help English
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABA75682-3B03-F4EB-F755-F81272A9FB50}" = CCC Help Swedish
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AE5F3379-8B81-457E-8E09-7E61D941AFA4}" = VAIO Gate
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C63E7C86-2AB0-95C7-52E4-4AAFDAE83B1B}" = CCC Help Finnish
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C8544A9A-76BE-4F82-811E-979799AE493B}" = VAIO Gesture Control
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CCB26B62-5219-9E89-E5EC-17CFAEA9E5E3}" = CCC Help Korean
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D06D3E90-8881-014E-D9A0-64CF95AB21BB}" = Catalyst Control Center Graphics Previews Common
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D52EDEF4-068C-0F6C-374C-A3D87418F027}" = CCC Help Greek
"{D56DA747-5FDB-4AD5-9A6A-3481C0ED44BD}" = Remote Play with PlayStation(R)3
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DB1A3EA7-0C25-4BEC-A108-176195190369}" = VHD
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}" = VCCx86
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E33F7934-F129-EC39-2EF6-6C3414B94594}" = CCC Help Spanish
"{E3D6D7E5-5C24-DAC0-E268-4A08098201E6}" = CCC Help Hungarian
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E6757A5B-EE7E-4D72-82B7-D1B2991DF55E}" = PYV_x86
"{E682702C-609C-4017-99E7-3129C163955F}" = VAIO - Remote-Tastatur mit PlayStation®3
"{E727B31A-8B24-4C1C-934A-69634E0D2C0B}" = Qualcomm Atheros WiFi Driver Installation
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF9A2D34-4261-AE03-C9A7-ED54EA8F9A70}" = CCC Help Japanese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F613796A-D87D-4576-0F6B-A7770FBAAC52}" = CCC Help Czech
"{F67E566E-7B97-3599-D353-06B7532851C9}" = CCC Help Turkish
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBC5861D-E773-18D2-7C71-2CEB8CE3939D}" = CCC Help Norwegian
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEB8EEC-CC21-0CFF-6C5C-E86BDF9323CE}" = Catalyst Control Center
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MSC" = McAfee Internet Security
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"VAIO Help and Support" = 
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WTA-09beb6a5-90b6-48da-964a-3fc0898d85ce" = Aloha TriPeaks
"WTA-0f74b24e-3fb2-4979-9cc6-b08d131de3f7" = Bejeweled 3
"WTA-15d517e0-7b34-434b-a28e-a3ee2b017269" = Mahjongg Artifacts
"WTA-254e659b-d80b-436f-9b3a-b364132239fb" = Mystery of Mortlake Mansion
"WTA-310b3777-4db2-4186-a8a1-3485584a0743" = Plants vs. Zombies - Game of the Year
"WTA-55498580-54b9-4fa6-afad-af31113e60c3" = The Hidden Object Game Show
"WTA-55e8223b-c6d1-45df-a2a6-88b89442478b" = Mystery P.I. - The London Caper
"WTA-6a1ae185-dba4-44e5-a1a4-2f620582651e" = Jewel Quest Solitaire 2
"WTA-74a71482-d727-42d7-8e9b-6abe4481fd5f" = Chuzzle Deluxe
"WTA-867535d5-2017-47c5-97d2-2bc053d38306" = Build-a-lot 2
"WTA-a9245125-14f3-460a-9881-71d90c61a8e9" = Cake Mania
"WTA-d5b41776-5590-40fe-8d4a-637ca42262b5" = Polar Bowler
"WTA-df8397f6-0ff5-432e-985e-f783eef3d029" = Insaniquarium Deluxe
"WTA-e068061a-fdbb-4f47-af4a-34ed4ea6960b" = Agatha Christie - Death on the Nile
"WTA-fba33170-35af-4b86-b83c-8aa9a7389a05" = Fishdom (TM) 2
"WTA-ff461241-bfcf-4075-afa1-392761cbe37e" = Virtual Villagers 4 - The Tree of Life
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.04.2013 09:19:52 | Computer Name = Grant-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.04.2013 09:20:41 | Computer Name = Grant-VAIO | Source = VSS | ID = 8194
Description = 
 
Error - 25.04.2013 10:08:24 | Computer Name = Grant-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 25.04.2013 10:08:24 | Computer Name = Grant-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9392
 
Error - 25.04.2013 10:08:24 | Computer Name = Grant-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9392
 
Error - 27.04.2013 09:25:20 | Computer Name = Grant-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 27.04.2013 09:25:20 | Computer Name = Grant-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 130439144
 
Error - 27.04.2013 09:25:20 | Computer Name = Grant-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 130439144
 
Error - 27.04.2013 09:29:40 | Computer Name = Grant-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.04.2013 09:30:40 | Computer Name = Grant-VAIO | Source = VSS | ID = 8194
Description = 
 
[ System Events ]
Error - 09.02.2013 07:03:57 | Computer Name = Grant-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 09.02.2013 07:03:57 | Computer Name = Grant-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 09.02.2013 07:03:57 | Computer Name = Grant-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 09.02.2013 07:03:57 | Computer Name = Grant-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 11.02.2013 08:06:08 | Computer Name = Grant-VAIO | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 21.02.2013 14:33:22 | Computer Name = Grant-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 21.02.2013 14:33:22 | Computer Name = Grant-VAIO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 22.02.2013 15:05:22 | Computer Name = Grant-VAIO | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 07.03.2013 13:10:47 | Computer Name = Grant-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst ZAtheros Bt&Wlan Coex Agent erreicht.
 
Error - 17.03.2013 10:30:54 | Computer Name = Grant-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst defragsvc erreicht.
 
 
< End of report >

--- --- ---

cosinus · 31.05.2013, 19:55

Ja, poste die trotzdem mal, ich wissen ob die DBs aktuell waren

Grant · 31.05.2013, 20:40

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Grant :: GRANT-VAIO [Administrator]

Schutz: Aktiviert

31.05.2013 13:33:51
mbam-log-2013-05-31 (13-33-51).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 215787
Laufzeit: 13 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus · 31.05.2013, 20:50

Die Logs bitte in CODE-Tags

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Grant · 31.05.2013, 21:51

Hier die Logfile von Combofix. Bevor ich Combofix gestartet habe, hatte ich McAffee und Malwarebytes deaktivert und die Internetverbrindung getrennt. Bevor ich nun wieder online gegangen bin, habe ich sie wieder aktiviert.

Code:

ATTFilter

ComboFix 13-05-31.02 - Grant 31.05.2013  22:04:40.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4066.2714 [GMT 2:00]
ausgeführt von:: c:\users\Grant\Desktop\ComboFix.exe
AV: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee  Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Grant\AppData\Roaming\Douh
c:\users\Grant\AppData\Roaming\Douh\syoni.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-04-28 bis 2013-05-31  ))))))))))))))))))))))))))))))
.
.
2013-05-31 20:16 . 2013-05-31 20:16	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-05-31 11:31 . 2013-05-31 11:31	--------	d-----w-	c:\users\Grant\AppData\Roaming\Malwarebytes
2013-05-31 11:31 . 2013-05-31 11:31	--------	d-----w-	c:\programdata\Malwarebytes
2013-05-31 11:31 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-05-31 11:31 . 2013-05-31 11:31	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-31 11:31 . 2013-05-31 11:31	--------	d-----w-	c:\users\Grant\AppData\Local\Programs
2013-05-31 09:56 . 2013-05-31 09:56	--------	d-----w-	c:\users\Grant\AppData\Local\Macromedia
2013-05-31 09:56 . 2013-05-31 09:56	--------	d-----w-	c:\users\Grant\AppData\Local\Mozilla
2013-05-31 09:46 . 2013-05-03 14:15	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-29 15:09 . 2013-05-29 15:09	--------	d-----w-	c:\users\Grant\AppData\Local\Diagnostics
2013-05-19 18:14 . 2013-05-31 19:39	--------	d-----w-	c:\users\Grant\AppData\Roaming\Axwein
2013-05-19 18:14 . 2013-05-19 18:14	--------	d-----w-	c:\users\Grant\AppData\Roaming\Xiin
2013-05-16 15:57 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-16 15:57 . 2013-04-10 06:01	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 15:57 . 2011-02-03 11:25	144384	----a-w-	c:\windows\system32\cdd.dll
2013-05-16 15:57 . 2013-02-27 05:52	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-05-16 15:57 . 2013-02-27 05:52	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-05-16 15:57 . 2013-02-27 05:48	1930752	----a-w-	c:\windows\system32\authui.dll
2013-05-16 15:57 . 2013-02-27 06:02	111448	----a-w-	c:\windows\system32\consent.exe
2013-05-16 15:57 . 2013-02-27 05:47	70144	----a-w-	c:\windows\system32\appinfo.dll
2013-05-16 15:57 . 2013-02-27 04:49	1796096	----a-w-	c:\windows\SysWow64\authui.dll
2013-05-16 15:56 . 2013-03-19 05:53	230400	----a-w-	c:\windows\system32\wwansvc.dll
2013-05-16 15:56 . 2013-03-19 05:53	48640	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-05-16 15:56 . 2013-04-10 03:30	3153920	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 16:17 . 2012-05-18 08:51	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 16:17 . 2012-05-18 08:51	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-10 13:51 . 2011-03-28 16:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 08:11 . 2013-05-01 08:11	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-01 08:11 . 2013-05-01 08:11	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-05-01 08:11 . 2013-05-01 08:11	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-05-01 08:11 . 2013-05-01 08:11	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-05-01 08:11 . 2013-05-01 08:11	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-05-01 08:11 . 2013-05-01 08:11	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-05-01 08:11 . 2013-05-01 08:11	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-05-01 08:11 . 2013-05-01 08:11	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-05-01 08:11 . 2013-05-01 08:11	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-05-01 08:11 . 2013-05-01 08:11	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-05-01 08:11 . 2013-05-01 08:11	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-05-01 08:11 . 2013-05-01 08:11	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-05-01 08:11 . 2013-05-01 08:11	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-05-01 08:11 . 2013-05-01 08:11	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-01 08:11 . 2013-05-01 08:11	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-05-01 08:11 . 2013-05-01 08:11	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-05-01 08:11 . 2013-05-01 08:11	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-05-01 08:11 . 2013-05-01 08:11	81408	----a-w-	c:\windows\system32\icardie.dll
2013-05-01 08:11 . 2013-05-01 08:11	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-05-01 08:11 . 2013-05-01 08:11	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-05-01 08:11 . 2013-05-01 08:11	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-05-01 08:11 . 2013-05-01 08:11	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-05-01 08:11 . 2013-05-01 08:11	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-05-01 08:11 . 2013-05-01 08:11	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-05-01 08:11 . 2013-05-01 08:11	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-05-01 08:11 . 2013-05-01 08:11	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-05-01 08:11 . 2013-05-01 08:11	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-05-01 08:11 . 2013-05-01 08:11	441856	----a-w-	c:\windows\system32\html.iec
2013-05-01 08:11 . 2013-05-01 08:11	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-05-01 08:11 . 2013-05-01 08:11	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-05-01 08:11 . 2013-05-01 08:11	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-05-01 08:11 . 2013-05-01 08:11	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-05-01 08:11 . 2013-05-01 08:11	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-05-01 08:11 . 2013-05-01 08:11	235008	----a-w-	c:\windows\system32\url.dll
2013-05-01 08:11 . 2013-05-01 08:11	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-05-01 08:11 . 2013-05-01 08:11	216064	----a-w-	c:\windows\system32\msls31.dll
2013-05-01 08:11 . 2013-05-01 08:11	197120	----a-w-	c:\windows\system32\msrating.dll
2013-05-01 08:11 . 2013-05-01 08:11	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-05-01 08:11 . 2013-05-01 08:11	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-05-01 08:11 . 2013-05-01 08:11	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-05-01 08:11 . 2013-05-01 08:11	149504	----a-w-	c:\windows\system32\occache.dll
2013-05-01 08:11 . 2013-05-01 08:11	144896	----a-w-	c:\windows\system32\wextract.exe
2013-05-01 08:11 . 2013-05-01 08:11	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-05-01 08:11 . 2013-05-01 08:11	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-05-01 08:11 . 2013-05-01 08:11	13824	----a-w-	c:\windows\system32\mshta.exe
2013-05-01 08:11 . 2013-05-01 08:11	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-05-01 08:11 . 2013-05-01 08:11	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-05-01 08:11 . 2013-05-01 08:11	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-05-01 08:11 . 2013-05-01 08:11	102912	----a-w-	c:\windows\system32\inseng.dll
2013-04-13 05:49 . 2013-05-16 15:57	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 15:57	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 15:57	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 15:57	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 15:57	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 15:57	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 14:08	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-03-25 09:53 . 2013-03-25 09:53	0	----a-w-	c:\windows\SysWow64\sho96CB.tmp
2013-03-19 06:04 . 2013-04-10 13:44	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 13:44	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 13:44	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 13:44	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 13:44	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 13:44	112640	----a-w-	c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-10 343168]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-22 291608]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-09-20 60552]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-02-21 693608]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-02-08 2429544]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-02-23 36000]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2012-02-23 51872]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-02-23 339616]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-02-23 110752]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2012-02-23 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-02-23 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2012-02-23 280992]
R3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys [2012-02-23 421664]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2012-02-23 550560]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-03-21 112256]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 lehidmini;Bluetooth Low Energy Hid Device;c:\windows\system32\drivers\leath_hid.sys [2012-02-23 36128]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
R3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys [2012-03-13 21264]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-01-06 138392]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-01-06 74904]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2012-01-10 535688]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-08-26 101600]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys [2012-02-22 16152]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
S1 MOBK649Filter;MOBK649Filter;c:\windows\system32\DRIVERS\MOBK649.sys [2011-04-18 66040]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-13 235520]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-02-23 106144]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-13 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-13 161560]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-05-25 210616]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-05-25 162224]
S2 MOBK649backup;McAfee Online Backup Service;c:\program files (x86)\McAfee Online Backup\MOBK649backup.exe [2011-04-18 223544]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-02-21 473960]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-13 363800]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2012-03-26 978056]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-02-23 158880]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-03-13 95248]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2012-02-23 30368]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\drivers\iusb3hub.sys [2012-02-22 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\drivers\iusb3xhc.sys [2012-02-22 787736]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2012-02-08 339048]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-13 675432]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2012-01-16 14336]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2012-01-20 54432]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - mfeavfk01
.
Inhalt des "geplante Tasks" Ordners
.
2013-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-18 16:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK649]
@="{7d7a9cff-a4c1-f2b8-7421-c722f7eac08a}"
[HKEY_CLASSES_ROOT\CLSID\{7d7a9cff-a4c1-f2b8-7421-c722f7eac08a}]
2011-04-18 20:00	4734264	----a-w-	c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK6492]
@="{658e5c17-2ba4-ed79-d884-37ebe15e7b9b}"
[HKEY_CLASSES_ROOT\CLSID\{658e5c17-2ba4-ed79-d884-37ebe15e7b9b}]
2011-04-18 20:00	4734264	----a-w-	c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK6493]
@="{22f1b264-d4dd-ef46-08eb-3eb0c80441ba}"
[HKEY_CLASSES_ROOT\CLSID\{22f1b264-d4dd-ef46-08eb-3eb0c80441ba}]
2011-04-18 20:00	4734264	----a-w-	c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-03-13 1156712]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-02-23 1020576]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-02-23 800416]
"McAfeeWrapperApplication"="c:\program files (x86)\McAfeeMOBK\WrapperTrayIcon.exe" [2010-12-07 453344]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bild.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Adteipad - c:\users\Grant\AppData\Roaming\Douh\syoni.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-05-31  22:44:31
ComboFix-quarantined-files.txt  2013-05-31 20:44
.
Vor Suchlauf: 11 Verzeichnis(se), 417.891.971.072 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 418.122.014.720 Bytes frei
.
- - End Of File - - DB1E83BF56C7C2F9A9ED3A1A4F6EA839

cosinus · 31.05.2013, 22:02

Rootkitscan mit GMER

Bitte lade dir

GMER herunter: (Dateiname zufällig)

Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
WARNING !!!
GMER has found system modification, which might have been caused by ROOTKIT activity.
Do you want to fully scan your system ?

Unbedingt auf "No" klicken.
Entferne rechts den Haken bei: IAT/EAT und Show All
Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
Starte den Scan mit "Scan".
Mache nichts am Computer während der Scan läuft.
Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.

Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!

Tauchen Probleme auf?

Probiere alternativ den abgesicherten Modus.
Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.

Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Grant · 31.05.2013, 22:27

Hey Cosinus,
hier ist schon mal die Logdatei von Gmer:

Code:

ATTFilter

GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-05-31 23:24:15
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JE3O 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Grant\AppData\Local\Temp\fgtyypog.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560                                                                         fffff800035fe000 45 bytes [00, 00, 13, 02, 46, 69, 6C, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 607                                                                         fffff800035fe02f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69            0000000076861465 2 bytes [86, 76]
.text     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155           00000000768614bb 2 bytes [86, 76]
.text     ...                                                                                                                                        * 2
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\SysWOW64\ntdll.dll!NtCreateUserProcess      00000000771e08fc 4 bytes [68, A0, CF, 25]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\SysWOW64\ntdll.dll!NtCreateUserProcess + 5  00000000771e0901 1 byte [C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W     00000000771f25fd 6 bytes [68, BD, 57, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll               00000000771fc45a 6 bytes [68, CB, D0, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A     0000000077202a63 6 bytes [68, 03, 58, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\SysWOW64\ntdll.dll!NtdllDialogWndProc_W     0000000077224128 6 bytes [68, 49, 58, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\SysWOW64\ntdll.dll!NtdllDialogWndProc_A     000000007722e659 6 bytes [68, 8F, 58, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\KERNEL32.dll!GetFileAttributesExW  000000007659455c 6 bytes [68, 34, D3, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\KERNEL32.dll!ExitProcess           00000000765979f8 6 bytes [68, F3, D2, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetDC                   00000000762172c4 4 bytes [68, 92, 18, 25]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetDC + 5               00000000762172c9 1 byte [C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!ReleaseDC               0000000076217446 6 bytes [68, 10, 19, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!TranslateMessage        0000000076217809 6 bytes [68, A5, 5D, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetMessageW             00000000762178e2 6 bytes [68, 22, DE, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetMessageA             0000000076217bd3 6 bytes [68, 4A, DE, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetWindowDC             0000000076218048 4 bytes [68, D1, 18, 25]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetWindowDC + 5         000000007621804d 1 byte [C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!RegisterClassW          0000000076218a65 6 bytes [68, C1, 5A, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!RegisterClassExW        000000007621b17d 6 bytes [68, 5B, 5B, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!RegisterClassExA        000000007621db98 6 bytes [68, AD, 5B, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!PeekMessageW            00000000762205ba 6 bytes [68, 72, DE, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!CallWindowProcW         0000000076220d32 6 bytes [68, F3, 59, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetCursorPos            0000000076221218 6 bytes [68, 55, DC, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!EndPaint                0000000076221341 4 bytes [68, F7, 17, 25]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!EndPaint + 5            0000000076221346 1 byte [C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!BeginPaint              0000000076221361 4 bytes [68, 87, 17, 25]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!BeginPaint + 5          0000000076221366 1 byte [C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetMessagePos           0000000076222a8d 6 bytes [68, 23, DC, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetCapture              0000000076222aac 6 bytes [68, 83, DD, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetDCEx                 0000000076223391 4 bytes [68, 37, 18, 25]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetDCEx + 5             0000000076223396 1 byte [C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!RegisterClassA          000000007622434b 6 bytes [68, 0E, 5B, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!PeekMessageA            0000000076225f74 6 bytes [68, 9D, DE, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetUpdateRgn            0000000076226222 6 bytes [68, E3, 19, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!CallWindowProcA         000000007622792f 6 bytes [68, 3C, 5A, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!DefFrameProcA           0000000076227fbb 6 bytes [68, 1E, 59, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!DefMDIChildProcA        000000007622810c 6 bytes [68, AD, 59, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!DefFrameProcW           00000000762285c1 6 bytes [68, D5, 58, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!DefMDIChildProcW        00000000762286b4 6 bytes [68, 67, 59, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetUpdateRect           000000007623d41f 6 bytes [68, 50, 19, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!ReleaseCapture          000000007623ed49 6 bytes [68, 33, DD, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!SetCapture              000000007623ed56 4 bytes [68, D9, DC, 25]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!SetCapture + 5          000000007623ed5b 1 byte [C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!SwitchDesktop           0000000076259854 6 bytes [68, 9F, 57, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!SetCursorPos            0000000076259cfd 6 bytes [68, 9C, DC, 25, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!GetClipboardData        0000000076259f1d 6 bytes [68, 54, 5F, 26, 00, C3]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!OpenInputDesktop        00000000762787cb 4 bytes [68, 4F, 57, 26]
.text     C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[4260] C:\Windows\syswow64\USER32.dll!OpenInputDesktop + 5    00000000762787d0 1 byte [C3]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[5012] C:\Windows\SysWOW64\ntdll.dll!NtCreateUserProcess                                     00000000771e08fc 4 bytes [68, A0, CF, 06]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[5012] C:\Windows\SysWOW64\ntdll.dll!NtCreateUserProcess + 5                                 00000000771e0901 1 byte [C3]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[5012] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W                                    00000000771f25fd 6 bytes [68, BD, 57, 07, 00, C3]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[5012] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                              00000000771fc45a 6 bytes [68, CB, D0, 06, 00, C3]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[5012] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A                                    0000000077202a63 6 bytes [68, 03, 58, 07, 00, C3]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[5012] C:\Windows\SysWOW64\ntdll.dll!NtdllDialogWndProc_W                                    0000000077224128 6 bytes [68, 49, 58, 07, 00, C3]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[5012] C:\Windows\SysWOW64\ntdll.dll!NtdllDialogWndProc_A                                    000000007722e659 6 bytes [68, 8F, 58, 07, 00, C3]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[5012] C:\Windows\syswow64\kernel32.dll!GetFileAttributesExW                                 000000007659455c 6 bytes [68, 34, D3, 06, 00, C3]
.text     C:\Program Files (x86)\iTunes\iTunesHelper.exe[5012] C:\Windows\syswow64\kernel32.dll!ExitProcess                                          00000000765979f8 6 bytes [68, F3, D2, 06, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\SysWOW64\ntdll.dll!NtCreateUserProcess                                       00000000771e08fc 4 bytes [68, A0, CF, 43]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\SysWOW64\ntdll.dll!NtCreateUserProcess + 5                                   00000000771e0901 1 byte [C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_W                                      00000000771f25fd 6 bytes [68, BD, 57, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                                00000000771fc45a 6 bytes [68, CB, D0, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\SysWOW64\ntdll.dll!NtdllDefWindowProc_A                                      0000000077202a63 6 bytes [68, 03, 58, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\SysWOW64\ntdll.dll!NtdllDialogWndProc_W                                      0000000077224128 6 bytes [68, 49, 58, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\SysWOW64\ntdll.dll!NtdllDialogWndProc_A                                      000000007722e659 6 bytes [68, 8F, 58, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\kernel32.dll!GetFileAttributesExW                                   000000007659455c 6 bytes [68, 34, D3, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\kernel32.dll!ExitProcess                                            00000000765979f8 6 bytes [68, F3, D2, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetDC                                                    00000000762172c4 4 bytes [68, 92, 18, 43]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetDC + 5                                                00000000762172c9 1 byte [C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!ReleaseDC                                                0000000076217446 6 bytes [68, 10, 19, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!TranslateMessage                                         0000000076217809 6 bytes [68, A5, 5D, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetMessageW                                              00000000762178e2 6 bytes [68, 22, DE, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetMessageA                                              0000000076217bd3 6 bytes [68, 4A, DE, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetWindowDC                                              0000000076218048 4 bytes [68, D1, 18, 43]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetWindowDC + 5                                          000000007621804d 1 byte [C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!RegisterClassW                                           0000000076218a65 6 bytes [68, C1, 5A, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!RegisterClassExW                                         000000007621b17d 6 bytes [68, 5B, 5B, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!RegisterClassExA                                         000000007621db98 6 bytes [68, AD, 5B, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!PeekMessageW                                             00000000762205ba 6 bytes [68, 72, DE, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!CallWindowProcW                                          0000000076220d32 6 bytes [68, F3, 59, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetCursorPos                                             0000000076221218 6 bytes [68, 55, DC, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!EndPaint                                                 0000000076221341 4 bytes [68, F7, 17, 43]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!EndPaint + 5                                             0000000076221346 1 byte [C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!BeginPaint                                               0000000076221361 4 bytes [68, 87, 17, 43]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!BeginPaint + 5                                           0000000076221366 1 byte [C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetMessagePos                                            0000000076222a8d 6 bytes [68, 23, DC, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetCapture                                               0000000076222aac 6 bytes [68, 83, DD, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetDCEx                                                  0000000076223391 4 bytes [68, 37, 18, 43]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetDCEx + 5                                              0000000076223396 1 byte [C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!RegisterClassA                                           000000007622434b 6 bytes [68, 0E, 5B, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!PeekMessageA                                             0000000076225f74 6 bytes [68, 9D, DE, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetUpdateRgn                                             0000000076226222 6 bytes [68, E3, 19, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!CallWindowProcA                                          000000007622792f 6 bytes [68, 3C, 5A, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!DefFrameProcA                                            0000000076227fbb 6 bytes [68, 1E, 59, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!DefMDIChildProcA                                         000000007622810c 6 bytes [68, AD, 59, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!DefFrameProcW                                            00000000762285c1 6 bytes [68, D5, 58, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!DefMDIChildProcW                                         00000000762286b4 6 bytes [68, 67, 59, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetUpdateRect                                            000000007623d41f 6 bytes [68, 50, 19, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!ReleaseCapture                                           000000007623ed49 6 bytes [68, 33, DD, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!SetCapture                                               000000007623ed56 4 bytes [68, D9, DC, 43]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!SetCapture + 5                                           000000007623ed5b 1 byte [C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!SwitchDesktop                                            0000000076259854 6 bytes [68, 9F, 57, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!SetCursorPos                                             0000000076259cfd 6 bytes [68, 9C, DC, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!GetClipboardData                                         0000000076259f1d 6 bytes [68, 54, 5F, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!OpenInputDesktop                                         00000000762787cb 4 bytes [68, 4F, 57, 44]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\USER32.dll!OpenInputDesktop + 5                                     00000000762787d0 1 byte [C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\ADVAPI32.dll!CreateProcessAsUserW                                   000000007591c592 6 bytes [68, B1, D3, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\ADVAPI32.dll!CreateProcessAsUserA                                   0000000075952538 6 bytes [68, 9A, D3, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WS2_32.dll!closesocket                                              0000000075c83918 6 bytes [68, 27, E3, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WS2_32.dll!getaddrinfo                                              0000000075c84296 6 bytes [68, 38, DF, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WS2_32.dll!WSASend                                                  0000000075c84406 6 bytes [68, 80, E3, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WS2_32.dll!send                                                     0000000075c86f01 6 bytes [68, 5F, E3, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WS2_32.dll!gethostbyname                                            0000000075c97673 6 bytes [68, C8, DE, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\CRYPT32.dll!PFXImportCertStore                                      0000000075db1224 6 bytes [68, 89, 7E, 43, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!InternetCloseHandle                                     0000000076053cc2 6 bytes [68, DC, 08, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!HttpQueryInfoA                                          0000000076056ab7 6 bytes [68, 7C, 0A, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!HttpSendRequestW                                        00000000760576e6 6 bytes [68, 62, 06, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!HttpOpenRequestW                                        0000000076057e1d 6 bytes [68, DA, 05, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!InternetQueryDataAvailable                              00000000760aa1ad 6 bytes [68, 50, 0A, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!InternetReadFile                                        00000000760aa5ef 6 bytes [68, 49, 09, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!InternetReadFileExA                                     00000000760b1aa2 6 bytes [68, 77, 09, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!HttpSendRequestExW                                      00000000760ba74d 6 bytes [68, 0C, 07, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!HttpEndRequestA                                         00000000760bad40 6 bytes [68, 46, 08, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!InternetSetFilePointer                                  00000000760dad1d 6 bytes [68, F6, 09, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!HttpEndRequestW                                         00000000761256ed 6 bytes [68, 91, 08, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!HttpSendRequestExA                                      00000000761257a6 6 bytes [68, A9, 07, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!HttpSendRequestA                                        0000000076125876 6 bytes [68, B7, 06, 44, 00, C3]
.text     C:\Program Files\Sony\VAIO Care\listener.exe[2180] C:\Windows\syswow64\WININET.dll!HttpOpenRequestA                                        0000000076125b15 6 bytes [68, 1E, 06, 44, 00, C3]

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\08edb9b5b596                                                                
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\08edb9b9519a                                                                
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\08edb9b5b596 (not active ControlSet)                                            
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\08edb9b9519a (not active ControlSet)                                            

---- EOF - GMER 2.1 ----

Ich führe jetzt dann noch MBAR aus.

Bei MBAR wurde nichts "bösartiges" gefunden, so die Meldung...
Hier die Logdatei:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.05.31.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Grant :: GRANT-VAIO [administrator]

31.05.2013 23:33:33
mbar-log-2013-05-31 (23-33-33).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 247465
Time elapsed: 31 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 01.06.2013, 00:49

aswMBR

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Grant · 01.06.2013, 10:46

Guten Morgen!
Hier die Logdatei von aswMBR:

Code:

ATTFilter

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-01 11:26:00
-----------------------------
11:26:00.322    OS Version: Windows x64 6.1.7601 Service Pack 1
11:26:00.322    Number of processors: 2 586 0x2A07
11:26:00.322    ComputerName: GRANT-VAIO  UserName: Grant
11:26:01.679    Initialize success
11:27:14.752    AVAST engine defs: 13053101
11:28:58.589    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:28:58.589    Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 3
11:28:58.714    Disk 0 MBR read successfully
11:28:58.714    Disk 0 MBR scan
11:28:58.729    Disk 0 Windows 7 default MBR code
11:28:58.729    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        17058 MB offset 2048
11:28:58.745    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          350 MB offset 34936832
11:28:58.760    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       459530 MB offset 35653632
11:28:59.072    Disk 0 scanning C:\Windows\system32\drivers
11:29:13.331    Service scanning
11:29:50.396    Modules scanning
11:29:50.412    Disk 0 trace - called modules:
11:29:50.459    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
11:29:50.474    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007180060]
11:29:50.490    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004af6050]
11:29:51.754    AVAST engine scan C:\Windows
11:29:55.607    AVAST engine scan C:\Windows\system32
11:32:42.465    AVAST engine scan C:\Windows\system32\drivers
11:32:58.408    AVAST engine scan C:\Users\Grant
11:40:27.348    AVAST engine scan C:\ProgramData
11:42:40.011    Scan finished successfully
11:43:30.930    Disk 0 MBR has been saved successfully to "C:\Users\Grant\Desktop\MBR.dat"
11:43:30.930    The log file has been saved successfully to "C:\Users\Grant\Desktop\aswMBR.txt"

Und hier TDSS-Killer:

Code:

ATTFilter

11:49:11.0015 2976  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:49:13.0027 2976  ============================================================
11:49:13.0027 2976  Current date / time: 2013/06/01 11:49:13.0027
11:49:13.0027 2976  SystemInfo:
11:49:13.0027 2976  
11:49:13.0027 2976  OS Version: 6.1.7601 ServicePack: 1.0
11:49:13.0027 2976  Product type: Workstation
11:49:13.0027 2976  ComputerName: GRANT-VAIO
11:49:13.0027 2976  UserName: Grant
11:49:13.0027 2976  Windows directory: C:\Windows
11:49:13.0027 2976  System windows directory: C:\Windows
11:49:13.0027 2976  Running under WOW64
11:49:13.0027 2976  Processor architecture: Intel x64
11:49:13.0027 2976  Number of processors: 2
11:49:13.0027 2976  Page size: 0x1000
11:49:13.0027 2976  Boot type: Normal boot
11:49:13.0027 2976  ============================================================
11:49:13.0745 2976  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:49:13.0760 2976  ============================================================
11:49:13.0760 2976  \Device\Harddisk0\DR0:
11:49:13.0776 2976  MBR partitions:
11:49:13.0776 2976  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2151800, BlocksNum 0xAF000
11:49:13.0776 2976  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2200800, BlocksNum 0x38185030
11:49:13.0776 2976  ============================================================
11:49:13.0823 2976  C: <-> \Device\Harddisk0\DR0\Partition2
11:49:13.0823 2976  ============================================================
11:49:13.0823 2976  Initialize success
11:49:13.0823 2976  ============================================================
11:50:06.0521 8944  ============================================================
11:50:06.0521 8944  Scan started
11:50:06.0521 8944  Mode: Manual; SigCheck; TDLFS; 
11:50:06.0521 8944  ============================================================
11:50:06.0692 8944  ================ Scan system memory ========================
11:50:06.0692 8944  System memory - ok
11:50:06.0692 8944  ================ Scan services =============================
11:50:07.0004 8944  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:50:07.0207 8944  1394ohci - ok
11:50:07.0316 8944  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:50:07.0363 8944  ACDaemon - ok
11:50:07.0410 8944  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:50:07.0441 8944  ACPI - ok
11:50:07.0488 8944  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:50:07.0582 8944  AcpiPmi - ok
11:50:07.0706 8944  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:50:07.0738 8944  AdobeFlashPlayerUpdateSvc - ok
11:50:07.0800 8944  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:50:07.0847 8944  adp94xx - ok
11:50:07.0878 8944  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:50:07.0909 8944  adpahci - ok
11:50:07.0940 8944  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:50:07.0956 8944  adpu320 - ok
11:50:07.0987 8944  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:50:08.0128 8944  AeLookupSvc - ok
11:50:08.0174 8944  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:50:08.0252 8944  AFD - ok
11:50:08.0284 8944  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:50:08.0299 8944  agp440 - ok
11:50:08.0330 8944  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:50:08.0377 8944  ALG - ok
11:50:08.0408 8944  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:50:08.0424 8944  aliide - ok
11:50:08.0471 8944  [ 3BCC907366522A9E051B517678C2D4F9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:50:08.0518 8944  AMD External Events Utility - ok
11:50:08.0549 8944  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:50:08.0564 8944  amdide - ok
11:50:08.0611 8944  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:50:08.0689 8944  AmdK8 - ok
11:50:08.0939 8944  [ 616B6715B90445402138389E6C024203 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:50:09.0251 8944  amdkmdag - ok
11:50:09.0282 8944  [ EBFD5E4723D51B69C9BD907168C6F5C1 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:50:09.0313 8944  amdkmdap - ok
11:50:09.0344 8944  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:50:09.0407 8944  AmdPPM - ok
11:50:09.0438 8944  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:50:09.0454 8944  amdsata - ok
11:50:09.0500 8944  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:50:09.0532 8944  amdsbs - ok
11:50:09.0563 8944  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:50:09.0578 8944  amdxata - ok
11:50:09.0610 8944  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:50:09.0766 8944  AppID - ok
11:50:09.0812 8944  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:50:09.0875 8944  AppIDSvc - ok
11:50:09.0922 8944  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
11:50:10.0000 8944  Appinfo - ok
11:50:10.0078 8944  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:50:10.0109 8944  Apple Mobile Device - ok
11:50:10.0156 8944  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
11:50:10.0202 8944  arc - ok
11:50:10.0202 8944  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:50:10.0234 8944  arcsas - ok
11:50:10.0265 8944  [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
11:50:10.0280 8944  ArcSoftKsUFilter - ok
11:50:10.0358 8944  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:50:10.0421 8944  aspnet_state - ok
11:50:10.0452 8944  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:50:10.0530 8944  AsyncMac - ok
11:50:10.0561 8944  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:50:10.0577 8944  atapi - ok
11:50:10.0608 8944  [ BCC09E0B0362741D0C084828A1B950F3 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
11:50:10.0670 8944  AthBTPort - ok
11:50:10.0733 8944  [ 4119870B90E1B5E7797D6433D21F9216 ] ATHDFU          C:\Windows\System32\Drivers\AthDfu.sys
11:50:10.0811 8944  ATHDFU - ok
11:50:10.0873 8944  [ 1FDE0AAAEA06519AAE98CCF24715B765 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
11:50:10.0904 8944  AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
11:50:10.0904 8944  AtherosSvc - detected UnsignedFile.Multi.Generic (1)
11:50:11.0014 8944  [ 237EE0B7A65D55E08EB7530F77423480 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
11:50:11.0076 8944  athr - ok
11:50:11.0138 8944  [ 2B3B05C0A7768BF033217EB8F33F9C35 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
11:50:11.0138 8944  AtiHDAudioService - ok
11:50:11.0185 8944  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:50:11.0263 8944  AudioEndpointBuilder - ok
11:50:11.0279 8944  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:50:11.0326 8944  AudioSrv - ok
11:50:11.0357 8944  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:50:11.0450 8944  AxInstSV - ok
11:50:11.0497 8944  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:50:11.0544 8944  b06bdrv - ok
11:50:11.0591 8944  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:50:11.0622 8944  b57nd60a - ok
11:50:11.0684 8944  [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
11:50:11.0700 8944  BBSvc - ok
11:50:11.0747 8944  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:50:11.0809 8944  BDESVC - ok
11:50:11.0840 8944  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:50:11.0918 8944  Beep - ok
11:50:11.0965 8944  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:50:12.0043 8944  BFE - ok
11:50:12.0074 8944  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
11:50:12.0152 8944  BITS - ok
11:50:12.0184 8944  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
11:50:12.0246 8944  blbdrive - ok
11:50:12.0324 8944  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:50:12.0355 8944  Bonjour Service - ok
11:50:12.0371 8944  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:50:12.0449 8944  bowser - ok
11:50:12.0480 8944  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:50:12.0558 8944  BrFiltLo - ok
11:50:12.0574 8944  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:50:12.0589 8944  BrFiltUp - ok
11:50:12.0652 8944  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:50:12.0714 8944  BridgeMP - ok
11:50:12.0808 8944  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:50:12.0901 8944  Browser - ok
11:50:12.0917 8944  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:50:12.0979 8944  Brserid - ok
11:50:13.0026 8944  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:50:13.0057 8944  BrSerWdm - ok
11:50:13.0073 8944  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:50:13.0104 8944  BrUsbMdm - ok
11:50:13.0135 8944  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:50:13.0166 8944  BrUsbSer - ok
11:50:13.0198 8944  [ 9455A8F85BE24514E50AFE90D4C976DB ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
11:50:13.0244 8944  BTATH_A2DP - ok
11:50:13.0244 8944  [ 2D27F7A831657D63AFC78E5E78DCA83F ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
11:50:13.0291 8944  btath_avdt - ok
11:50:13.0322 8944  [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS       C:\Windows\system32\drivers\btath_bus.sys
11:50:13.0369 8944  BTATH_BUS - ok
11:50:13.0416 8944  [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP      C:\Windows\system32\drivers\btath_hcrp.sys
11:50:13.0463 8944  BTATH_HCRP - ok
11:50:13.0494 8944  [ 371A11C1333BA526263A987A93ACDE3D ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
11:50:13.0525 8944  BTATH_LWFLT - ok
11:50:13.0556 8944  [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP       C:\Windows\system32\drivers\btath_rcp.sys
11:50:13.0619 8944  BTATH_RCP - ok
11:50:13.0681 8944  [ 680BE9ED6431DAFA844F5F7B61B11F9A ] BTATH_VDP       C:\Windows\system32\drivers\btath_vdp.sys
11:50:13.0728 8944  BTATH_VDP - ok
11:50:13.0775 8944  [ EA92CE309DD24F489FDB149847AE6835 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
11:50:13.0837 8944  BtFilter - ok
11:50:13.0868 8944  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
11:50:13.0946 8944  BthEnum - ok
11:50:13.0978 8944  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:50:14.0024 8944  BTHMODEM - ok
11:50:14.0040 8944  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
11:50:14.0087 8944  BthPan - ok
11:50:14.0134 8944  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
11:50:14.0180 8944  BTHPORT - ok
11:50:14.0212 8944  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:50:14.0258 8944  bthserv - ok
11:50:14.0290 8944  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
11:50:14.0321 8944  BTHUSB - ok
11:50:14.0336 8944  catchme - ok
11:50:14.0368 8944  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:50:14.0430 8944  cdfs - ok
11:50:14.0461 8944  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:50:14.0477 8944  cdrom - ok
11:50:14.0508 8944  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:50:14.0539 8944  CertPropSvc - ok
11:50:14.0586 8944  [ 274CE03459896006F7A5069266E0469E ] cfwids          C:\Windows\system32\drivers\cfwids.sys
11:50:14.0617 8944  cfwids - ok
11:50:14.0648 8944  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
11:50:14.0695 8944  circlass - ok
11:50:14.0726 8944  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:50:14.0758 8944  CLFS - ok
11:50:14.0820 8944  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:50:14.0851 8944  clr_optimization_v2.0.50727_32 - ok
11:50:14.0914 8944  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:50:14.0960 8944  clr_optimization_v2.0.50727_64 - ok
11:50:15.0038 8944  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:50:15.0132 8944  clr_optimization_v4.0.30319_32 - ok
11:50:15.0179 8944  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:50:15.0210 8944  clr_optimization_v4.0.30319_64 - ok
11:50:15.0241 8944  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:50:15.0272 8944  CmBatt - ok
11:50:15.0304 8944  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:50:15.0319 8944  cmdide - ok
11:50:15.0366 8944  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
11:50:15.0397 8944  CNG - ok
11:50:15.0428 8944  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:50:15.0444 8944  Compbatt - ok
11:50:15.0491 8944  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:50:15.0522 8944  CompositeBus - ok
11:50:15.0538 8944  COMSysApp - ok
11:50:15.0584 8944  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:50:15.0600 8944  crcdisk - ok
11:50:15.0616 8944  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:50:15.0662 8944  CryptSvc - ok
11:50:15.0772 8944  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:50:15.0818 8944  cvhsvc - ok
11:50:15.0928 8944  [ 461A0688205D088D2A2EBEEDEE81622E ] DCDhcpService   C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
11:50:15.0959 8944  DCDhcpService - ok
11:50:16.0006 8944  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:50:16.0068 8944  DcomLaunch - ok
11:50:16.0099 8944  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:50:16.0162 8944  defragsvc - ok
11:50:16.0208 8944  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:50:16.0318 8944  DfsC - ok
11:50:16.0364 8944  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:50:16.0427 8944  Dhcp - ok
11:50:16.0442 8944  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:50:16.0489 8944  discache - ok
11:50:16.0520 8944  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
11:50:16.0536 8944  Disk - ok
11:50:16.0567 8944  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:50:16.0676 8944  Dnscache - ok
11:50:16.0692 8944  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:50:16.0723 8944  dot3svc - ok
11:50:16.0739 8944  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:50:16.0786 8944  DPS - ok
11:50:16.0832 8944  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:50:16.0879 8944  drmkaud - ok
11:50:16.0957 8944  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:50:16.0988 8944  DXGKrnl - ok
11:50:17.0035 8944  [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
11:50:17.0082 8944  e1yexpress - ok
11:50:17.0113 8944  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:50:17.0191 8944  EapHost - ok
11:50:17.0285 8944  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:50:17.0410 8944  ebdrv - ok
11:50:17.0441 8944  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:50:17.0503 8944  EFS - ok
11:50:17.0566 8944  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:50:17.0628 8944  ehRecvr - ok
11:50:17.0659 8944  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:50:17.0690 8944  ehSched - ok
11:50:17.0737 8944  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:50:17.0768 8944  elxstor - ok
11:50:17.0784 8944  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:50:17.0831 8944  ErrDev - ok
11:50:17.0862 8944  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:50:17.0924 8944  EventSystem - ok
11:50:17.0956 8944  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:50:17.0987 8944  exfat - ok
11:50:18.0002 8944  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:50:18.0049 8944  fastfat - ok
11:50:18.0096 8944  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:50:18.0158 8944  Fax - ok
11:50:18.0158 8944  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
11:50:18.0205 8944  fdc - ok
11:50:18.0221 8944  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:50:18.0268 8944  fdPHost - ok
11:50:18.0268 8944  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:50:18.0330 8944  FDResPub - ok
11:50:18.0346 8944  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:50:18.0361 8944  FileInfo - ok
11:50:18.0377 8944  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:50:18.0424 8944  Filetrace - ok
11:50:18.0455 8944  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:50:18.0470 8944  flpydisk - ok
11:50:18.0486 8944  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:50:18.0502 8944  FltMgr - ok
11:50:18.0548 8944  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
11:50:18.0611 8944  FontCache - ok
11:50:18.0720 8944  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:50:18.0751 8944  FontCache3.0.0.0 - ok
11:50:18.0798 8944  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:50:18.0829 8944  FsDepends - ok
11:50:18.0860 8944  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:50:18.0892 8944  Fs_Rec - ok
11:50:18.0907 8944  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:50:18.0938 8944  fvevol - ok
11:50:18.0970 8944  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:50:18.0985 8944  gagp30kx - ok
11:50:19.0048 8944  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:50:19.0079 8944  GamesAppService - ok
11:50:19.0126 8944  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:50:19.0141 8944  GEARAspiWDM - ok
11:50:19.0188 8944  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:50:19.0250 8944  gpsvc - ok
11:50:19.0282 8944  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:50:19.0344 8944  hcw85cir - ok
11:50:19.0391 8944  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:50:19.0484 8944  HdAudAddService - ok
11:50:19.0516 8944  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:50:19.0531 8944  HDAudBus - ok
11:50:19.0547 8944  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:50:19.0578 8944  HidBatt - ok
11:50:19.0594 8944  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:50:19.0625 8944  HidBth - ok
11:50:19.0656 8944  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:50:19.0672 8944  HidIr - ok
11:50:19.0687 8944  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
11:50:19.0750 8944  hidserv - ok
11:50:19.0781 8944  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
11:50:19.0796 8944  HidUsb - ok
11:50:19.0828 8944  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:50:19.0859 8944  hkmsvc - ok
11:50:19.0890 8944  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:50:19.0937 8944  HomeGroupListener - ok
11:50:19.0968 8944  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:50:20.0015 8944  HomeGroupProvider - ok
11:50:20.0046 8944  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:50:20.0077 8944  HpSAMD - ok
11:50:20.0108 8944  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:50:20.0155 8944  HTTP - ok
11:50:20.0171 8944  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:50:20.0171 8944  hwpolicy - ok
11:50:20.0218 8944  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:50:20.0249 8944  i8042prt - ok
11:50:20.0280 8944  [ C224331A54571C8C9162F7714400BBBD ] iaStor          C:\Windows\system32\drivers\iaStor.sys
11:50:20.0296 8944  iaStor - ok
11:50:20.0389 8944  [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:50:20.0420 8944  IAStorDataMgrSvc - ok
11:50:20.0452 8944  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:50:20.0545 8944  iaStorV - ok
11:50:20.0639 8944  [ 3CC7B3BB1A9EA201A040883EDFAA67A0 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
11:50:20.0717 8944  IconMan_R - ok
11:50:20.0764 8944  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:50:20.0842 8944  idsvc - ok
11:50:20.0873 8944  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:50:20.0888 8944  iirsp - ok
11:50:20.0920 8944  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:50:20.0998 8944  IKEEXT - ok
11:50:21.0154 8944  [ 602788BF364D43E5878AA1B4F85C232B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:50:21.0325 8944  IntcAzAudAddService - ok
11:50:21.0372 8944  [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
11:50:21.0403 8944  Intel(R) Capability Licensing Service Interface - ok
11:50:21.0450 8944  [ 9571D8BDB56EBC52280E8020574508E6 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
11:50:21.0481 8944  Intel(R) ME Service - ok
11:50:21.0497 8944  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:50:21.0512 8944  intelide - ok
11:50:21.0544 8944  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
11:50:21.0590 8944  intelppm - ok
11:50:21.0637 8944  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:50:21.0684 8944  IPBusEnum - ok
11:50:21.0715 8944  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:50:21.0762 8944  IpFilterDriver - ok
11:50:21.0778 8944  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:50:21.0856 8944  iphlpsvc - ok
11:50:21.0887 8944  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:50:21.0980 8944  IPMIDRV - ok
11:50:22.0027 8944  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:50:22.0074 8944  IPNAT - ok
11:50:22.0136 8944  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:50:22.0183 8944  iPod Service - ok
11:50:22.0214 8944  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:50:22.0261 8944  IRENUM - ok
11:50:22.0277 8944  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:50:22.0292 8944  isapnp - ok
11:50:22.0324 8944  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:50:22.0339 8944  iScsiPrt - ok
11:50:22.0386 8944  [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
11:50:22.0386 8944  iusb3hcs - ok
11:50:22.0417 8944  [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
11:50:22.0433 8944  iusb3hub - ok
11:50:22.0480 8944  [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
11:50:22.0511 8944  iusb3xhc - ok
11:50:22.0542 8944  [ DBD76BC1D498FE368F2C8CB76C3E00A4 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:50:22.0558 8944  jhi_service - ok
11:50:22.0573 8944  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
11:50:22.0604 8944  kbdclass - ok
11:50:22.0651 8944  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:50:22.0698 8944  kbdhid - ok
11:50:22.0714 8944  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:50:22.0729 8944  KeyIso - ok
11:50:22.0760 8944  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:50:22.0776 8944  KSecDD - ok
11:50:22.0807 8944  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:50:22.0854 8944  KSecPkg - ok
11:50:22.0901 8944  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:50:22.0979 8944  ksthunk - ok
11:50:23.0026 8944  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:50:23.0072 8944  KtmRm - ok
11:50:23.0135 8944  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:50:23.0213 8944  LanmanServer - ok
11:50:23.0244 8944  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:50:23.0291 8944  LanmanWorkstation - ok
11:50:23.0338 8944  [ 6CE0F55287EB8E8E472656E84DDCF4EA ] lehidmini       C:\Windows\system32\drivers\leath_hid.sys
11:50:23.0400 8944  lehidmini - ok
11:50:23.0431 8944  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:50:23.0494 8944  lltdio - ok
11:50:23.0540 8944  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:50:23.0634 8944  lltdsvc - ok
11:50:23.0650 8944  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:50:23.0712 8944  lmhosts - ok
11:50:23.0743 8944  [ 86E4CC39C953D11EF57CF54C4DC78238 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:50:23.0759 8944  LMS - ok
11:50:23.0790 8944  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:50:23.0806 8944  LSI_FC - ok
11:50:23.0852 8944  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:50:23.0884 8944  LSI_SAS - ok
11:50:23.0899 8944  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:50:23.0899 8944  LSI_SAS2 - ok
11:50:23.0915 8944  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:50:23.0930 8944  LSI_SCSI - ok
11:50:23.0962 8944  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:50:24.0008 8944  luafv - ok
11:50:24.0055 8944  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:50:24.0086 8944  MBAMProtector - ok
11:50:24.0149 8944  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:50:24.0180 8944  MBAMScheduler - ok
11:50:24.0227 8944  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:50:24.0305 8944  MBAMService - ok
11:50:24.0367 8944  [ ACB01BF1A905356AB7F978C7FE852209 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:24.0414 8944  McAfee SiteAdvisor Service - ok
11:50:24.0461 8944  [ F48571922079BBAB289C57BAFEFE88F3 ] McAWFwk         c:\PROGRA~1\mcafee\msc\mcawfwk.exe
11:50:24.0492 8944  McAWFwk - ok
11:50:24.0492 8944  [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:24.0523 8944  McMPFSvc - ok
11:50:24.0539 8944  [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:24.0570 8944  mcmscsvc - ok
11:50:24.0570 8944  [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:24.0586 8944  McNaiAnn - ok
11:50:24.0601 8944  [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:24.0617 8944  McNASvc - ok
11:50:24.0664 8944  [ DD2321925274F2902929D76CE2B0EB45 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
11:50:24.0695 8944  McODS - ok
11:50:24.0726 8944  [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:24.0742 8944  McOobeSv - ok
11:50:24.0742 8944  [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:24.0757 8944  McProxy - ok
11:50:24.0788 8944  [ 597C77235621E7DDD32A68574FDE6464 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:50:24.0835 8944  McShield - ok
11:50:24.0866 8944  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:50:24.0913 8944  Mcx2Svc - ok
11:50:24.0944 8944  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:50:24.0960 8944  megasas - ok
11:50:25.0007 8944  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:50:25.0069 8944  MegaSR - ok
11:50:25.0100 8944  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
11:50:25.0163 8944  MEIx64 - ok
11:50:25.0210 8944  [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
11:50:25.0225 8944  mfeapfk - ok
11:50:25.0241 8944  [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
11:50:25.0256 8944  mfeavfk - ok
11:50:25.0303 8944  mfeavfk01 - ok
11:50:25.0319 8944  [ 134BB16F93A07C2C89B0B9C399382BDB ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:50:25.0381 8944  mfefire - ok
11:50:25.0412 8944  [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
11:50:25.0428 8944  mfefirek - ok
11:50:25.0475 8944  [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
11:50:25.0537 8944  mfehidk - ok
11:50:25.0584 8944  [ A8129CFB919347F8533C934B365E9202 ] mfenlfk         C:\Windows\system32\DRIVERS\mfenlfk.sys
11:50:25.0615 8944  mfenlfk - ok
11:50:25.0678 8944  [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
11:50:25.0709 8944  mferkdet - ok
11:50:25.0709 8944  [ 4D0ECD05ABB518EA323F651F4AB8458F ] mfevtp          C:\Windows\system32\mfevtps.exe
11:50:25.0740 8944  mfevtp - ok
11:50:25.0756 8944  [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
11:50:25.0771 8944  mfewfpk - ok
11:50:25.0802 8944  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:50:25.0834 8944  MMCSS - ok
11:50:25.0880 8944  [ DB033326180514B9A45612CE14324F5C ] MOBK649backup   C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe
11:50:25.0912 8944  MOBK649backup - ok
11:50:25.0943 8944  [ 3C69AA906EE867ADE4437ACD8460B43D ] MOBK649Filter   C:\Windows\system32\DRIVERS\MOBK649.sys
11:50:26.0005 8944  MOBK649Filter - ok
11:50:26.0036 8944  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:50:26.0083 8944  Modem - ok
11:50:26.0099 8944  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:50:26.0130 8944  monitor - ok
11:50:26.0161 8944  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
11:50:26.0161 8944  mouclass - ok
11:50:26.0224 8944  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
11:50:26.0255 8944  mouhid - ok
11:50:26.0286 8944  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:50:26.0302 8944  mountmgr - ok
11:50:26.0317 8944  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:50:26.0333 8944  mpio - ok
11:50:26.0348 8944  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:50:26.0380 8944  mpsdrv - ok
11:50:26.0426 8944  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:50:26.0489 8944  MpsSvc - ok
11:50:26.0520 8944  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:50:26.0536 8944  MRxDAV - ok
11:50:26.0551 8944  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:50:26.0598 8944  mrxsmb - ok
11:50:26.0614 8944  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:50:26.0629 8944  mrxsmb10 - ok
11:50:26.0645 8944  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:50:26.0660 8944  mrxsmb20 - ok
11:50:26.0676 8944  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:50:26.0692 8944  msahci - ok
11:50:26.0723 8944  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:50:26.0738 8944  msdsm - ok
11:50:26.0754 8944  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:50:26.0785 8944  MSDTC - ok
11:50:26.0816 8944  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:50:26.0863 8944  Msfs - ok
11:50:26.0879 8944  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:50:26.0926 8944  mshidkmdf - ok
11:50:26.0941 8944  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:50:26.0957 8944  msisadrv - ok
11:50:26.0988 8944  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:50:27.0035 8944  MSiSCSI - ok
11:50:27.0035 8944  msiserver - ok
11:50:27.0066 8944  [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:50:27.0082 8944  MSK80Service - ok
11:50:27.0113 8944  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:50:27.0175 8944  MSKSSRV - ok
11:50:27.0191 8944  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:50:27.0222 8944  MSPCLOCK - ok
11:50:27.0238 8944  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:50:27.0269 8944  MSPQM - ok
11:50:27.0300 8944  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:50:27.0316 8944  MsRPC - ok
11:50:27.0347 8944  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:50:27.0362 8944  mssmbios - ok
11:50:27.0394 8944  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:50:27.0440 8944  MSTEE - ok
11:50:27.0440 8944  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:50:27.0456 8944  MTConfig - ok
11:50:27.0472 8944  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:50:27.0518 8944  Mup - ok
11:50:27.0550 8944  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:50:27.0612 8944  napagent - ok
11:50:27.0659 8944  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:50:27.0721 8944  NativeWifiP - ok
11:50:27.0768 8944  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:50:27.0799 8944  NDIS - ok
11:50:27.0830 8944  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:50:27.0877 8944  NdisCap - ok
11:50:27.0908 8944  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:50:27.0986 8944  NdisTapi - ok
11:50:28.0018 8944  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:50:28.0064 8944  Ndisuio - ok
11:50:28.0096 8944  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:50:28.0142 8944  NdisWan - ok
11:50:28.0174 8944  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:50:28.0220 8944  NDProxy - ok
11:50:28.0252 8944  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:50:28.0298 8944  NetBIOS - ok
11:50:28.0314 8944  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:50:28.0361 8944  NetBT - ok
11:50:28.0392 8944  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:50:28.0408 8944  Netlogon - ok
11:50:28.0439 8944  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:50:28.0501 8944  Netman - ok
11:50:28.0548 8944  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:50:28.0564 8944  NetMsmqActivator - ok
11:50:28.0564 8944  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:50:28.0579 8944  NetPipeActivator - ok
11:50:28.0610 8944  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:50:28.0657 8944  netprofm - ok
11:50:28.0673 8944  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:50:28.0688 8944  NetTcpActivator - ok
11:50:28.0688 8944  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:50:28.0704 8944  NetTcpPortSharing - ok
11:50:28.0751 8944  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:50:28.0766 8944  nfrd960 - ok
11:50:28.0813 8944  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:50:28.0907 8944  NlaSvc - ok
11:50:28.0938 8944  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:50:28.0985 8944  Npfs - ok
11:50:29.0000 8944  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:50:29.0047 8944  nsi - ok
11:50:29.0047 8944  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:50:29.0094 8944  nsiproxy - ok
11:50:29.0172 8944  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:50:29.0219 8944  Ntfs - ok
11:50:29.0234 8944  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:50:29.0297 8944  Null - ok
11:50:29.0546 8944  [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:50:29.0905 8944  nvlddmkm - ok
11:50:29.0921 8944  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:50:29.0936 8944  nvraid - ok
11:50:29.0968 8944  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:50:29.0983 8944  nvstor - ok
11:50:29.0999 8944  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:50:30.0014 8944  nv_agp - ok
11:50:30.0030 8944  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:50:30.0046 8944  ohci1394 - ok
11:50:30.0077 8944  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:50:30.0092 8944  ose - ok
11:50:30.0233 8944  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:50:30.0420 8944  osppsvc - ok
11:50:30.0451 8944  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:50:30.0482 8944  p2pimsvc - ok
11:50:30.0529 8944  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:50:30.0560 8944  p2psvc - ok
11:50:30.0607 8944  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
11:50:30.0623 8944  Parport - ok
11:50:30.0654 8944  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:50:30.0670 8944  partmgr - ok
11:50:30.0701 8944  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:50:30.0732 8944  PcaSvc - ok
11:50:30.0763 8944  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:50:30.0779 8944  pci - ok
11:50:30.0810 8944  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:50:30.0826 8944  pciide - ok
11:50:30.0841 8944  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:50:30.0872 8944  pcmcia - ok
11:50:30.0872 8944  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:50:30.0888 8944  pcw - ok
11:50:30.0904 8944  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:50:30.0950 8944  PEAUTH - ok
11:50:31.0044 8944  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:50:31.0091 8944  PerfHost - ok
11:50:31.0153 8944  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:50:31.0216 8944  pla - ok
11:50:31.0278 8944  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:50:31.0340 8944  PlugPlay - ok
11:50:31.0450 8944  [ 9C4D0DE187CBC24F658C52EFC93B1C73 ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
11:50:31.0496 8944  PMBDeviceInfoProvider - ok
11:50:31.0512 8944  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:50:31.0543 8944  PNRPAutoReg - ok
11:50:31.0574 8944  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:50:31.0590 8944  PNRPsvc - ok
11:50:31.0606 8944  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:50:31.0668 8944  PolicyAgent - ok
11:50:31.0684 8944  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
11:50:31.0730 8944  Power - ok
11:50:31.0777 8944  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:50:31.0824 8944  PptpMiniport - ok
11:50:31.0855 8944  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
11:50:31.0871 8944  Processor - ok
11:50:31.0902 8944  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:50:31.0933 8944  ProfSvc - ok
11:50:31.0949 8944  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:50:31.0964 8944  ProtectedStorage - ok
11:50:31.0980 8944  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:50:32.0042 8944  Psched - ok
11:50:32.0105 8944  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:50:32.0152 8944  ql2300 - ok
11:50:32.0167 8944  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:50:32.0183 8944  ql40xx - ok
11:50:32.0214 8944  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:50:32.0230 8944  QWAVE - ok
11:50:32.0245 8944  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:50:32.0276 8944  QWAVEdrv - ok
11:50:32.0292 8944  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:50:32.0339 8944  RasAcd - ok
11:50:32.0370 8944  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:50:32.0401 8944  RasAgileVpn - ok
11:50:32.0417 8944  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:50:32.0464 8944  RasAuto - ok
11:50:32.0479 8944  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:50:32.0526 8944  Rasl2tp - ok
11:50:32.0557 8944  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:50:32.0588 8944  RasMan - ok
11:50:32.0620 8944  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:50:32.0666 8944  RasPppoe - ok
11:50:32.0698 8944  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:50:32.0744 8944  RasSstp - ok
11:50:32.0760 8944  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:50:32.0807 8944  rdbss - ok
11:50:32.0838 8944  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
11:50:32.0854 8944  rdpbus - ok
11:50:32.0869 8944  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:50:32.0916 8944  RDPCDD - ok
11:50:32.0932 8944  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:50:32.0978 8944  RDPENCDD - ok
11:50:32.0994 8944  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:50:33.0041 8944  RDPREFMP - ok
11:50:33.0056 8944  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:50:33.0103 8944  RDPWD - ok
11:50:33.0150 8944  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:50:33.0181 8944  rdyboost - ok
11:50:33.0228 8944  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:50:33.0290 8944  RemoteAccess - ok
11:50:33.0322 8944  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:50:33.0400 8944  RemoteRegistry - ok
11:50:33.0431 8944  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
11:50:33.0462 8944  RFCOMM - ok
11:50:33.0493 8944  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:50:33.0556 8944  RpcEptMapper - ok
11:50:33.0587 8944  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:50:33.0602 8944  RpcLocator - ok
11:50:33.0634 8944  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
11:50:33.0665 8944  RpcSs - ok
11:50:33.0712 8944  [ 9BD6DEBC9862FBE0C0467F0633B34962 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
11:50:33.0743 8944  RSPCIESTOR - ok
11:50:33.0774 8944  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:50:33.0821 8944  rspndr - ok
11:50:33.0868 8944  [ EB8EA1C4C5E076D9EA61FB59960C5830 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:50:33.0914 8944  RTL8167 - ok
11:50:33.0930 8944  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:50:33.0946 8944  SamSs - ok
11:50:33.0961 8944  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:50:33.0977 8944  sbp2port - ok
11:50:33.0992 8944  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:50:34.0039 8944  SCardSvr - ok
11:50:34.0070 8944  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:50:34.0117 8944  scfilter - ok
11:50:34.0148 8944  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:50:34.0226 8944  Schedule - ok
11:50:34.0242 8944  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:50:34.0273 8944  SCPolicySvc - ok
11:50:34.0304 8944  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
11:50:34.0398 8944  sdbus - ok
11:50:34.0414 8944  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:50:34.0445 8944  SDRSVC - ok
11:50:34.0523 8944  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
11:50:34.0554 8944  SeaPort - ok
11:50:34.0585 8944  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:50:34.0648 8944  secdrv - ok
11:50:34.0663 8944  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:50:34.0726 8944  seclogon - ok
11:50:34.0741 8944  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
11:50:34.0788 8944  SENS - ok
11:50:34.0835 8944  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:50:34.0944 8944  SensrSvc - ok
11:50:34.0960 8944  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
11:50:35.0022 8944  Serenum - ok
11:50:35.0069 8944  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
11:50:35.0116 8944  Serial - ok
11:50:35.0162 8944  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:50:35.0178 8944  sermouse - ok
11:50:35.0209 8944  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:50:35.0256 8944  SessionEnv - ok
11:50:35.0287 8944  [ 85D0F874734C105D02280B39BF0AD23F ] SFEP            C:\Windows\system32\drivers\SFEP.sys
11:50:35.0318 8944  SFEP - ok
11:50:35.0350 8944  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:50:35.0381 8944  sffdisk - ok
11:50:35.0412 8944  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:50:35.0443 8944  sffp_mmc - ok
11:50:35.0459 8944  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:50:35.0490 8944  sffp_sd - ok
11:50:35.0506 8944  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:50:35.0537 8944  sfloppy - ok
11:50:35.0599 8944  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
11:50:35.0662 8944  Sftfs - ok
11:50:35.0724 8944  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:50:35.0755 8944  sftlist - ok
11:50:35.0771 8944  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:50:35.0786 8944  Sftplay - ok
11:50:35.0818 8944  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:50:35.0833 8944  Sftredir - ok
11:50:35.0849 8944  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
11:50:35.0864 8944  Sftvol - ok
11:50:35.0896 8944  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:50:35.0911 8944  sftvsa - ok
11:50:35.0942 8944  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:50:36.0005 8944  SharedAccess - ok
11:50:36.0020 8944  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:50:36.0083 8944  ShellHWDetection - ok
11:50:36.0114 8944  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:50:36.0114 8944  SiSRaid2 - ok
11:50:36.0130 8944  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:50:36.0145 8944  SiSRaid4 - ok
11:50:36.0208 8944  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:50:36.0239 8944  SkypeUpdate - ok
11:50:36.0270 8944  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:50:36.0317 8944  Smb - ok
11:50:36.0348 8944  [ AA17A14DA3B572C886D8064C72E9CC50 ] SmbDrv          C:\Windows\system32\drivers\Smb_driver.sys
11:50:36.0379 8944  SmbDrv - ok
11:50:36.0410 8944  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:50:36.0426 8944  SNMPTRAP - ok
11:50:36.0504 8944  [ 4AEA7A1C3CA06D95D6966C34D13C0D8B ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
11:50:36.0535 8944  SOHCImp - ok
11:50:36.0551 8944  [ 16FD95781117E13107D477AE36219E6F ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
11:50:36.0566 8944  SOHDs - ok
11:50:36.0598 8944  [ C03E480E63A80D73FABE28D24D3B6B47 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
11:50:36.0629 8944  SpfService - ok
11:50:36.0644 8944  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:50:36.0660 8944  spldr - ok
11:50:36.0707 8944  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
11:50:36.0738 8944  Spooler - ok
11:50:36.0847 8944  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:50:37.0003 8944  sppsvc - ok
11:50:37.0034 8944  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:50:37.0066 8944  sppuinotify - ok
11:50:37.0097 8944  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:50:37.0128 8944  srv - ok
11:50:37.0144 8944  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:50:37.0190 8944  srv2 - ok
11:50:37.0206 8944  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:50:37.0222 8944  srvnet - ok
11:50:37.0268 8944  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:50:37.0315 8944  SSDPSRV - ok
11:50:37.0315 8944  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:50:37.0362 8944  SstpSvc - ok
11:50:37.0378 8944  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:50:37.0393 8944  stexstor - ok
11:50:37.0440 8944  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:50:37.0518 8944  stisvc - ok
11:50:37.0549 8944  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:50:37.0565 8944  swenum - ok
11:50:37.0596 8944  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
11:50:37.0690 8944  swprv - ok
11:50:37.0736 8944  [ 321EA1320771419C0956DE50F270C3E5 ] SynTP           C:\Windows\system32\drivers\SynTP.sys
11:50:37.0768 8944  SynTP - ok
11:50:37.0814 8944  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
11:50:37.0877 8944  SysMain - ok
11:50:37.0892 8944  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:50:37.0939 8944  TabletInputService - ok
11:50:37.0955 8944  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:50:38.0002 8944  TapiSrv - ok
11:50:38.0017 8944  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
11:50:38.0064 8944  TBS - ok
11:50:38.0142 8944  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:50:38.0204 8944  Tcpip - ok
11:50:38.0314 8944  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:50:38.0360 8944  TCPIP6 - ok
11:50:38.0392 8944  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:50:38.0407 8944  tcpipreg - ok
11:50:38.0438 8944  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:50:38.0470 8944  TDPIPE - ok
11:50:38.0485 8944  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:50:38.0501 8944  TDTCP - ok
11:50:38.0532 8944  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:50:38.0579 8944  tdx - ok
11:50:38.0610 8944  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:50:38.0626 8944  TermDD - ok
11:50:38.0657 8944  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
11:50:38.0719 8944  TermService - ok
11:50:38.0735 8944  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:50:38.0750 8944  Themes - ok
11:50:38.0782 8944  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:50:38.0813 8944  THREADORDER - ok
11:50:38.0844 8944  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:50:38.0891 8944  TrkWks - ok
11:50:38.0969 8944  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:50:39.0062 8944  TrustedInstaller - ok
11:50:39.0094 8944  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:50:39.0203 8944  tssecsrv - ok
11:50:39.0218 8944  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:50:39.0312 8944  TsUsbFlt - ok
11:50:39.0328 8944  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:50:39.0390 8944  TsUsbGD - ok
11:50:39.0406 8944  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:50:39.0499 8944  tunnel - ok
11:50:39.0515 8944  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:50:39.0530 8944  uagp35 - ok
11:50:39.0608 8944  [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor     C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
11:50:39.0624 8944  uCamMonitor - ok
11:50:39.0655 8944  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:50:39.0702 8944  udfs - ok
11:50:39.0733 8944  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:50:39.0749 8944  UI0Detect - ok
11:50:39.0796 8944  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:50:39.0811 8944  uliagpkx - ok
11:50:39.0842 8944  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:50:39.0874 8944  umbus - ok
11:50:39.0889 8944  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:50:39.0936 8944  UmPass - ok
11:50:40.0030 8944  [ D80B1075B69B57A3AB78F750CE463ECE ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:50:40.0076 8944  UNS - ok
11:50:40.0092 8944  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:50:40.0154 8944  upnphost - ok
11:50:40.0186 8944  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
11:50:40.0201 8944  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
11:50:40.0201 8944  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
11:50:40.0232 8944  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
11:50:40.0279 8944  usbccgp - ok
11:50:40.0295 8944  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:50:40.0326 8944  usbcir - ok
11:50:40.0342 8944  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:50:40.0357 8944  usbehci - ok
11:50:40.0388 8944  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
11:50:40.0420 8944  usbhub - ok
11:50:40.0451 8944  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:50:40.0466 8944  usbohci - ok
11:50:40.0498 8944  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:50:40.0529 8944  usbprint - ok
11:50:40.0544 8944  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:50:40.0591 8944  USBSTOR - ok
11:50:40.0622 8944  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:50:40.0654 8944  usbuhci - ok
11:50:40.0685 8944  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
11:50:40.0778 8944  usbvideo - ok
11:50:40.0794 8944  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
11:50:40.0856 8944  UxSms - ok
11:50:40.0888 8944  [ 203FD19D70549A2939E1AE3A36608151 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
11:50:40.0903 8944  VAIO Event Service - ok
11:50:40.0997 8944  [ 59308CD511A5F3EE33595FFD46F76B31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
11:50:41.0044 8944  VAIO Power Management - ok
11:50:41.0075 8944  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
11:50:41.0090 8944  VaultSvc - ok
11:50:41.0153 8944  [ ADD5A5BA64D0710E1C764A8D4DAD510E ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
11:50:41.0215 8944  VCFw - ok
11:50:41.0278 8944  [ EEE5AD6FB40B35F7867C3A49B98BB4EF ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
11:50:41.0309 8944  VcmIAlzMgr - ok
11:50:41.0356 8944  [ FD5BD55C1854208BC9C51DBCFC3C1941 ] VcmINSMgr       C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
11:50:41.0371 8944  VcmINSMgr - ok
11:50:41.0418 8944  [ 9BC1F203C5604C24F345BCFCD6956BAE ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
11:50:41.0418 8944  VcmXmlIfHelper - ok
11:50:41.0465 8944  [ D076011ECD0D1310E879F32EBF3B4886 ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
11:50:41.0480 8944  VCService - ok
11:50:41.0496 8944  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:50:41.0527 8944  vdrvroot - ok
11:50:41.0558 8944  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
11:50:41.0605 8944  vds - ok
11:50:41.0636 8944  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:50:41.0668 8944  vga - ok
11:50:41.0683 8944  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:50:41.0730 8944  VgaSave - ok
11:50:41.0777 8944  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:50:41.0792 8944  vhdmp - ok
11:50:41.0808 8944  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:50:41.0824 8944  viaide - ok
11:50:41.0855 8944  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:50:41.0855 8944  volmgr - ok
11:50:41.0886 8944  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:50:41.0948 8944  volmgrx - ok
11:50:41.0980 8944  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:50:42.0011 8944  volsnap - ok
11:50:42.0042 8944  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:50:42.0058 8944  vsmraid - ok
11:50:42.0120 8944  [ 596E65BDEE804CC6658A39756CC61849 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
11:50:42.0167 8944  VSNService - ok
11:50:42.0245 8944  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
11:50:42.0307 8944  VSS - ok
11:50:42.0385 8944  [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent         C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
11:50:42.0432 8944  VUAgent - ok
11:50:42.0463 8944  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:50:42.0479 8944  vwifibus - ok
11:50:42.0510 8944  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:50:42.0541 8944  vwififlt - ok
11:50:42.0588 8944  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
11:50:42.0619 8944  W32Time - ok
11:50:42.0650 8944  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:50:42.0697 8944  WacomPen - ok
11:50:42.0744 8944  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:50:42.0822 8944  WANARP - ok
11:50:42.0822 8944  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:50:42.0853 8944  Wanarpv6 - ok
11:50:42.0916 8944  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:50:42.0978 8944  wbengine - ok
11:50:42.0978 8944  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:50:43.0009 8944  WbioSrvc - ok
11:50:43.0040 8944  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:50:43.0072 8944  wcncsvc - ok
11:50:43.0087 8944  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:50:43.0150 8944  WcsPlugInService - ok
11:50:43.0181 8944  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
11:50:43.0228 8944  Wd - ok
11:50:43.0259 8944  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:50:43.0290 8944  Wdf01000 - ok
11:50:43.0306 8944  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:50:43.0571 8944  WdiServiceHost - ok
11:50:43.0602 8944  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:50:43.0633 8944  WdiSystemHost - ok
11:50:43.0649 8944  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
11:50:43.0696 8944  WebClient - ok
11:50:43.0711 8944  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:50:43.0742 8944  Wecsvc - ok
11:50:43.0774 8944  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:50:43.0820 8944  wercplsupport - ok
11:50:43.0852 8944  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:50:43.0883 8944  WerSvc - ok
11:50:43.0930 8944  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:50:43.0961 8944  WfpLwf - ok
11:50:43.0976 8944  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:50:43.0992 8944  WIMMount - ok
11:50:44.0008 8944  WinDefend - ok
11:50:44.0023 8944  WinHttpAutoProxySvc - ok
11:50:44.0086 8944  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:50:44.0132 8944  Winmgmt - ok
11:50:44.0195 8944  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:50:44.0273 8944  WinRM - ok
11:50:44.0335 8944  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:50:44.0413 8944  Wlansvc - ok
11:50:44.0444 8944  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:50:44.0460 8944  wlcrasvc - ok
11:50:44.0569 8944  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:50:44.0616 8944  wlidsvc - ok
11:50:44.0632 8944  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:50:44.0663 8944  WmiAcpi - ok
11:50:44.0694 8944  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:50:44.0725 8944  wmiApSrv - ok
11:50:44.0741 8944  WMPNetworkSvc - ok
11:50:44.0772 8944  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:50:44.0803 8944  WPCSvc - ok
11:50:44.0819 8944  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:50:44.0850 8944  WPDBusEnum - ok
11:50:44.0866 8944  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:50:44.0912 8944  ws2ifsl - ok
11:50:44.0928 8944  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
11:50:45.0022 8944  wscsvc - ok
11:50:45.0022 8944  WSearch - ok
11:50:45.0115 8944  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:50:45.0178 8944  wuauserv - ok
11:50:45.0209 8944  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:50:45.0256 8944  WudfPf - ok
11:50:45.0318 8944  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:50:45.0349 8944  WUDFRd - ok
11:50:45.0380 8944  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:50:45.0412 8944  wudfsvc - ok
11:50:45.0443 8944  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:50:45.0505 8944  WwanSvc - ok
11:50:45.0568 8944  [ A5B25E310678175F4779499FFF7D0994 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
11:50:45.0599 8944  ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning
11:50:45.0599 8944  ZAtheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic (1)
11:50:45.0614 8944  ================ Scan global ===============================
11:50:45.0630 8944  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:50:45.0661 8944  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:50:45.0677 8944  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:50:45.0724 8944  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:50:45.0739 8944  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:50:45.0739 8944  [Global] - ok
11:50:45.0755 8944  ================ Scan MBR ==================================
11:50:45.0770 8944  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:50:46.0238 8944  \Device\Harddisk0\DR0 - ok
11:50:46.0238 8944  ================ Scan VBR ==================================
11:50:46.0285 8944  [ 5152EB8AEADE6E753C97A2CE6CF4A450 ] \Device\Harddisk0\DR0\Partition1
11:50:46.0285 8944  \Device\Harddisk0\DR0\Partition1 - ok
11:50:46.0301 8944  [ 2612FEFE1753526836D521B6D56C9787 ] \Device\Harddisk0\DR0\Partition2
11:50:46.0301 8944  \Device\Harddisk0\DR0\Partition2 - ok
11:50:46.0301 8944  ============================================================
11:50:46.0301 8944  Scan finished
11:50:46.0301 8944  ============================================================
11:50:46.0316 8672  Detected object count: 3
11:50:46.0316 8672  Actual detected object count: 3
11:51:45.0677 8672  AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:45.0677 8672  AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:45.0677 8672  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:45.0677 8672  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:45.0692 8672  ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:45.0692 8672  ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip

31.05.2013, 14:47	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	"Sparkassentrojaner" Schau da mal nach was genau wo gefunden wurde. __________________ Logfiles bitte immer in CODE-Tags posten

31.05.2013, 19:55	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	"Sparkassentrojaner" Ja, poste die trotzdem mal, ich wissen ob die DBs aktuell waren __________________ Logfiles bitte immer in CODE-Tags posten

"Sparkassentrojaner"

Plagegeister aller Art und deren Bekämpfung: "Sparkassentrojaner"