| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.06.2013, 21:23
| #1 |
 |  Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? Hallo liebes Team, habe vor zwei Tagen nach Computerstart eine Meldung der Benutzerkontensteuerung bekommen, in der ich wssAAA.tmp von Perion Network Ltd. ausführen sollte, was ich natürlich nicht gemacht habe. Mir fiel auf, dass diese Meldung immer nach Neustart wiederkam, welche ich weiterhin nicht bestätigte. Als ich auf Facebook meine Nachrichten aufrufen wollte, schlug mein Virenprogramm (avast! Free-antivirus) Alarm. Die Objekte sowie Infektionen hatten immer andere Namen. Die Windows-Firewall meldete gleichzeitig das avast ausgeschaltet wäre, obwohl dieses, bei jedem Versuch die Facebook-Nachrichten aufzurufen, wie wild schrie. Ich probierte alles aus, was mir als nicht-Spezi möglich war..... Virenscanner negativ, Anti-Maleware negativ, da suchte ich wieder bei avast. Dort wollte ich unter Updates alles manuell aktualisieren. Doch nach kurzer Prüfung hieß es, das das Modul beschädigt sei. Sowohl bei der Datenbank als auch beim Programm, also avast neu runtergeladen, deinstalliert und neu drauf gespielt. Schon konnte ich bei Facebook wieder die völlig harmlosen Nachrichten abrufen. Doch die Perion-Meldung war immer noch nach Neustart da...... Heute passierte genau dasselbe wieder. Wieder meldete die Firewall, dass avast ausgeschaltet wäre, und die Meldung von Perion kam auf den Bildschirm. Ich sah, dass der Name sich geändert hatte und schrieb schnell wssBC9C.tmp auf. Doch als ich wieder auf den Bildschirm sah, drückte ich Trottel auf ausführen !!!!!! Der Rechner lief danach noch ca. 1 std und dann wurde der Bildschirm fast völlig dunkel, als ich gerade hier schreiben wollte. Man sah nur noch schemenhaft die Schrift im Hintergrund. Nach mehreren Versuchen den Rechner neu zu starten, konnte ich das Windows-Reparatur-Tool starten (musste mehrmals hart runterfahren), welches mir zumindest das System wiederherstellte. Dann habe ich Anti-Maleware nochmal scannen lassen und das fand 3 Infektion, die ich auch von dem Programm entfernen ließ. Ich bin mir jetzt nicht sicher, ob das alles richtig war. Ich hoffe, ich habe keine wichtige Info vergessen und einer von euch kann und möchte mir helfen..... Vielen lieben Dank jetzt schonmal Lg Sweeby PS. Jetzt gerade, wo ich kurz vorm abschicken dieser Nachricht bin, kommt die Meldung mit wieder neuem Namen. Diesmal heisst sie wss14F7.tmp !!!!! Jetzt bin ich mir sicher, dass da immer noch was böses aufm Rechner ist  |
|
08.06.2013, 21:26
| #2 |
| /// Malware-holic   | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun?__________________
__________________ |
|
08.06.2013, 21:51
| #3 |
| | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? der eben ausgeführte quick-scan
__________________dazu der quick-scan mit den drei Funden |
|
08.06.2013, 22:12
| #4 |
| /// Malware-holic | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? Hi Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
08.06.2013, 22:55
| #5 |
| | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? Danke für die schnellen Antworten, leider weiss ich nicht wie ich die Logs in so einem Kasten poste. Ich habe durch die Vorrecherche OTL schon runtergeladen und einmal laufen lassen, doch jetzt bei dem zweiten Lauf habe ich diese Extra-log nicht bekommen?! Hab ich da was falsch gemacht? Ich schick mal die erste mit..... Zweiter Scan nach eurer AnweisungOTL Logfile: Code:
ATTFilter OTL logfile created on: 08.06.2013 23:20:15 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luzifer\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,97 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 64,47% Memory free 6,14 Gb Paging File | 5,00 Gb Available in Paging File | 81,57% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 217,86 Gb Total Space | 139,35 Gb Free Space | 63,96% Space Free | Partition Type: NTFS Drive D: | 70,83 Gb Total Space | 70,65 Gb Free Space | 99,75% Space Free | Partition Type: NTFS Drive G: | 70,93 Gb Total Space | 59,57 Gb Free Space | 83,98% Space Free | Partition Type: NTFS Computer Name: LUZIFER-PC | User Name: Luzifer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.08 19:01:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luzifer\Downloads\OTL.exe PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.08.15 20:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.02.26 18:36:46 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe PRC - [2008.11.22 04:33:20 | 000,303,104 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\NSUService.exe PRC - [2008.11.22 04:33:20 | 000,270,336 | ---- | M] (Sony Corporation) -- C:\Programme\sony\Network Utility\LANUtil.exe PRC - [2008.11.05 18:32:28 | 000,203,624 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgr.exe PRC - [2008.11.05 18:32:28 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Event Service\VESMgrSub.exe PRC - [2008.10.17 19:16:54 | 000,415,584 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMService.exe PRC - [2008.10.17 12:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE PRC - [2008.10.14 17:07:30 | 000,776,744 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008.09.30 02:04:57 | 000,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\Apoint.exe PRC - [2008.09.30 02:04:57 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApntEx.exe PRC - [2008.09.30 02:04:55 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\Apoint\ApMsgFwd.exe PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2008.09.11 19:28:26 | 000,446,464 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2008.09.08 09:59:54 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2008.09.08 09:59:52 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe PRC - [2008.09.05 12:54:58 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Power Management\SPMgr.exe PRC - [2008.08.28 20:21:36 | 000,870,240 | ---- | M] (Sony Corporation) -- C:\Programme\sony\VAIO Update 4\VAIOUpdt.exe PRC - [2008.08.20 16:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe PRC - [2008.08.20 16:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2008.06.11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- c:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (No Company Name) ========== MOD - [2013.05.16 09:08:33 | 001,071,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\eb525a947a47b0e41bfabf91855e7459\System.IdentityModel.ni.dll MOD - [2013.05.16 09:08:30 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\93c9e616b0bf994a9fe885dd4f460218\System.ServiceModel.ni.dll MOD - [2013.05.16 09:08:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3da65115bf9debbf564861f6b123a2e4\System.Configuration.ni.dll MOD - [2013.05.16 09:03:42 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll MOD - [2013.02.14 15:08:03 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll MOD - [2013.01.10 04:36:41 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\f300bbe8b18d4a04933422f241aa1428\System.IdentityModel.Selectors.ni.dll MOD - [2013.01.10 04:36:18 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll MOD - [2013.01.10 04:36:16 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll MOD - [2013.01.10 04:36:04 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\895899bb8c1772f2043de17305d7eb35\System.Runtime.Serialization.ni.dll MOD - [2013.01.10 04:35:57 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bb8af3cf69f1337efda4e810b6751b89\SMDiagnostics.ni.dll MOD - [2013.01.10 04:35:56 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll MOD - [2013.01.10 04:35:32 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll MOD - [2013.01.10 04:34:36 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll MOD - [2013.01.10 04:34:29 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll MOD - [2012.08.05 09:55:00 | 001,687,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3120.40644__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2012.08.05 09:55:00 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3120.40600__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2012.08.05 09:55:00 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3120.40658__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2012.08.05 09:55:00 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3120.40816__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2012.08.05 09:55:00 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3120.40636__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2012.08.05 09:55:00 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3120.40744__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2012.08.05 09:55:00 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3120.40622__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2012.08.05 09:54:59 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3120.40847__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2012.08.05 09:54:59 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3120.40780__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2012.08.05 09:54:43 | 000,348,160 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3120.40788__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:43 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3120.40854__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:43 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3120.40794__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2012.08.05 09:54:43 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3120.40615__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:43 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3120.40787__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2012.08.05 09:54:42 | 000,806,912 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3120.40747__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:42 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3120.40806__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2012.08.05 09:54:42 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3120.40664__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:42 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3120.40762__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:42 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3120.40746__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2012.08.05 09:54:42 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3120.40761__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2012.08.05 09:54:41 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3120.40669__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:41 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3120.40739__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:41 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3120.40623__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:41 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3120.40774__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:41 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3120.40745__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2012.08.05 09:54:41 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3120.40675__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2012.08.05 09:54:41 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3120.40744__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2012.08.05 09:54:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3120.40675__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2012.08.05 09:54:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3120.40745__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2012.08.05 09:54:41 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3120.40773__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2012.08.05 09:54:41 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3120.40587__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2012.08.05 09:54:41 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3120.40582__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2012.08.05 09:54:41 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2012.08.05 09:54:41 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3120.40845__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2012.08.05 09:54:41 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3120.40587__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2012.08.05 09:54:41 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3120.40600__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2012.08.05 09:54:41 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3120.40588__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2012.08.05 09:54:40 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3120.40816__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2012.08.05 09:54:40 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3120.40581__90ba9c70f846762e\CLI.Foundation.dll MOD - [2012.08.05 09:54:40 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3120.40583__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2012.08.05 09:54:40 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3120.40786__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2012.08.05 09:54:40 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3120.40746__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2012.08.05 09:54:40 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2012.08.05 09:54:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3120.40846__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2012.08.05 09:54:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3120.40837__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2012.08.05 09:54:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2012.08.05 09:54:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3120.40761__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2012.08.05 09:54:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3120.40583__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2012.08.05 09:54:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3120.40583__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2012.08.05 09:54:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3120.40599__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2012.08.05 09:54:40 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3120.40580__90ba9c70f846762e\LOG.Foundation.dll MOD - [2012.08.05 09:54:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2012.08.05 09:54:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2012.08.05 09:54:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3120.40636__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2012.08.05 09:54:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3120.40614__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2012.08.05 09:54:40 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3120.40582__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2012.08.05 09:54:40 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3120.40582__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2012.08.05 09:54:40 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3120.40598__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2012.08.05 09:54:40 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3120.40599__90ba9c70f846762e\DEM.Graphics.dll MOD - [2012.08.05 09:54:40 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3120.40584__90ba9c70f846762e\MOM.Foundation.dll MOD - [2012.08.05 09:54:40 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3120.40585__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2012.08.05 09:54:40 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3120.40599__90ba9c70f846762e\DEM.OS.dll MOD - [2012.08.05 09:54:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3120.40745__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2012.08.05 09:54:39 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3120.40642__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2012.08.05 09:54:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3120.40780__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2012.08.05 09:54:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2012.08.05 09:54:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3120.40621__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2012.08.05 09:54:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3120.40642__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2012.08.05 09:54:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2012.08.05 09:54:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3120.40582__90ba9c70f846762e\APM.Foundation.dll MOD - [2012.08.05 09:54:39 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3120.40589__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2012.08.05 09:54:35 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3120.40592_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll MOD - [2012.08.05 09:54:34 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3120.40829_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2012.08.05 09:54:33 | 000,417,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3120.40829__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2012.08.05 09:54:33 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3120.40629__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2012.08.05 09:54:33 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3120.40837__90ba9c70f846762e\MOM.Implementation.dll MOD - [2012.08.05 09:54:33 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3120.40836__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2012.08.05 09:54:33 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3120.40592__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2012.08.05 09:54:33 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3120.40591__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2012.08.05 09:54:33 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3120.40587__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2012.08.05 09:54:33 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3120.40867__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2012.08.05 09:54:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3120.40586__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2012.08.05 09:54:33 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3120.40585__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2012.08.05 09:54:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3120.40584__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2012.08.05 09:54:33 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2012.08.05 09:54:33 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2012.08.05 09:54:33 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3120.40629__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2012.08.05 09:54:33 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3120.40878__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll MOD - [2012.08.05 09:54:33 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3120.40588__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2012.08.05 09:54:33 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3120.40591__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll MOD - [2012.08.05 09:54:32 | 000,995,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3120.40608__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2012.08.05 09:54:32 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3120.40599__90ba9c70f846762e\ATIDEMOS.dll MOD - [2012.08.05 09:54:32 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3120.40590__90ba9c70f846762e\APM.Server.dll MOD - [2012.08.05 09:54:32 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3120.40589__90ba9c70f846762e\AEM.Server.dll MOD - [2012.08.05 09:54:32 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3120.40607__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2012.08.05 09:54:32 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2012.08.05 09:54:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3120.40837__90ba9c70f846762e\CCC.Implementation.dll MOD - [2012.08.05 09:54:32 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3120.40607__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2012.08.05 09:54:32 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3120.40650__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2009.12.09 08:54:50 | 000,495,616 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2008.11.25 14:41:44 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll MOD - [2008.11.25 14:41:39 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll MOD - [2008.10.14 16:56:08 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll MOD - [2008.09.25 02:44:18 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008.08.26 11:41:42 | 000,016,384 | R--- | M] () -- c:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ========== Services (SafeList) ========== SRV - [2013.05.24 16:21:59 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.05.16 10:47:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.02.26 18:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2008.11.25 14:40:16 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008.11.22 04:33:20 | 000,303,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\Network Utility\NSUService.exe -- (NSUService) SRV - [2008.11.05 18:32:28 | 000,203,624 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2008.10.21 10:52:38 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHDms.exe -- (SOHDms) SRV - [2008.10.21 10:52:38 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHDs.exe -- (SOHDs) SRV - [2008.10.21 10:52:36 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp) SRV - [2008.10.17 19:16:54 | 000,415,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2008.10.17 12:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService) SRV - [2008.10.01 18:18:48 | 000,369,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2008.09.19 10:06:22 | 000,083,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper) SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2008.09.11 19:28:26 | 000,446,464 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2008.09.08 09:59:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2008.09.08 09:59:54 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2008.09.08 09:59:52 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw) SRV - [2008.08.20 16:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2008.08.20 16:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008.05.20 01:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2008.05.20 01:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2008.05.20 01:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0) SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- c:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\aynl.sys -- (jgwlhdkr) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2013.05.09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013.05.09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013.05.09 10:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013.05.09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013.05.09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013.05.09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013.05.09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2013.05.09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2008.10.24 02:06:27 | 000,150,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2008.10.23 02:02:23 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk) DRV - [2008.10.23 02:02:02 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008.09.30 02:04:57 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008.09.25 02:44:13 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.08.28 23:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) DRV - [2008.08.22 17:22:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall) DRV - [2008.08.22 02:06:22 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) DRV - [2008.06.07 02:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2008.04.24 14:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV - [2008.01.25 04:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Programme\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {E0775E9E-5DDC-4C12-B58D-79B2B5918CE9} IE - HKLM\..\SearchScopes\{E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7SNYK_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6PQWYvjB0G&i=26 IE - HKCU\..\SearchScopes\{E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta= IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2013.01.12 17:03:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.06.05 23:01:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.26 16:25:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luzifer\AppData\Roaming\mozilla\Extensions [2013.01.26 17:16:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luzifer\AppData\Roaming\mozilla\Firefox\Profiles\jjzm6vcr.default\extensions [2013.06.08 20:57:08 | 000,002,120 | ---- | M] () -- C:\Users\Luzifer\AppData\Roaming\mozilla\firefox\profiles\jjzm6vcr.default\searchplugins\MyStart.xml [2013.05.24 16:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.05.24 16:22:01 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Programme\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll̀ File not found O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB DE Toolbar) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - C:\Programme\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony) O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 10.21.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.102 80.69.100.230 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7565BAE-1A92-4F12-BE98-17C4C25E307B}: DhcpNameServer = 80.69.100.102 80.69.100.230 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Users\Luzifer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Luzifer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013.06.08 18:34:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\jmdp [2013.06.08 18:34:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\ARFC [2013.06.08 18:34:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\WNLT [2013.06.05 23:02:12 | 000,368,944 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2013.06.05 23:02:12 | 000,049,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2013.06.05 23:02:12 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2013.06.05 23:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013.06.05 23:02:11 | 000,056,080 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2013.06.05 23:02:10 | 000,765,736 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2013.06.05 23:02:09 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2013.06.05 23:01:27 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013.06.05 23:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013.06.02 13:42:16 | 000,000,000 | ---D | C] -- C:\Users\Luzifer\AppData\Roaming\TS3Client [2013.06.02 13:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2013.06.02 13:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2013.05.26 13:26:34 | 000,000,000 | ---D | C] -- C:\Users\Luzifer\AppData\Local\ArcSoft [2013.05.24 16:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox ========== Files - Modified Within 30 Days ========== [2013.06.08 23:17:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.08 23:17:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.08 22:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.08 21:17:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.08 21:17:14 | 3186,663,424 | -HS- | M] () -- C:\hiberfil.sys [2013.06.08 21:15:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2013.06.08 20:02:12 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2013.06.06 18:23:22 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.06.06 18:23:22 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.06.06 18:23:22 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.06.06 18:23:22 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.06.05 23:02:12 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013.06.02 13:41:03 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2013.05.21 15:28:38 | 000,027,136 | ---- | M] () -- C:\Windows\System32\ImHttpComm.dll [2013.05.16 09:00:57 | 000,412,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2013.06.08 20:38:19 | 3186,663,424 | -HS- | C] () -- C:\hiberfil.sys [2013.06.08 18:34:36 | 000,027,136 | ---- | C] () -- C:\Windows\System32\ImHttpComm.dll [2013.06.05 23:02:12 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013.06.05 23:02:10 | 000,174,664 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys [2013.06.05 23:02:09 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys [2013.06.02 13:41:03 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2013.01.26 14:36:34 | 000,721,397 | ---- | C] () -- C:\Windows\unins000.exe [2013.01.26 14:36:34 | 000,068,042 | ---- | C] () -- C:\Windows\unins000.dat [2013.01.25 18:19:39 | 000,000,001 | R--- | C] () -- C:\Users\Luzifer\serverport [2012.12.04 18:39:54 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012.11.07 10:10:44 | 000,014,336 | ---- | C] () -- C:\Users\Luzifer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.20 16:20:58 | 000,000,000 | ---- | C] () -- C:\Users\Luzifer\AppData\Roaming\wklnhst.dat [2012.08.08 16:14:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2012.08.08 16:14:08 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2012.08.05 11:39:00 | 000,001,356 | ---- | C] () -- C:\Users\Luzifer\AppData\Local\d3d9caps.dat [2012.08.05 10:34:53 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2012.08.05 10:25:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll [2012.08.05 09:36:34 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.08.27 08:16:26 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\Artogon [2013.01.12 17:03:22 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\DVDVideoSoft [2013.01.12 17:03:38 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\DVDVideoSoftIEHelpers [2013.01.22 16:17:36 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\InterVideo [2012.12.01 19:06:08 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\OpenCandy [2012.08.30 15:51:30 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\ScreenSeven [2012.08.28 12:41:53 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\Settlement. Colossus [2012.08.31 05:45:14 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\SprillRichiEng [2013.06.02 16:51:27 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\TS3Client [2012.12.01 19:06:55 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\TuneUp Software [2012.08.28 12:36:19 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\VampireSaga ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.08.05 11:42:11 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2012.08.15 20:03:53 | 000,000,000 | -HSD | M] -- C:\Boot [2012.08.05 10:34:57 | 000,000,000 | ---D | M] -- C:\Documentation [2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2012.08.05 11:33:47 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2012.08.05 10:09:40 | 000,000,000 | RH-D | M] -- C:\MSOCache [2008.01.21 04:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs [2013.06.05 23:00:52 | 000,000,000 | R--D | M] -- C:\Program Files [2013.04.06 15:03:17 | 000,000,000 | -H-D | M] -- C:\ProgramData [2012.08.05 11:33:47 | 000,000,000 | -HSD | M] -- C:\Programme [2013.06.08 23:22:31 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.08.05 11:38:41 | 000,000,000 | R--D | M] -- C:\Users [2013.06.05 23:01:27 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < C:\Windows\system32\*.tsp > [2006.11.02 11:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2006.11.02 11:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2006.11.02 11:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2006.11.02 11:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2009.04.11 08:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp [2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2006.11.02 15:01:49 | 000,032,578 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.08.19 12:50:04 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job < MD5 for: AGP440.SYS > [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EXPLORER.EXE > [2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTOR.SYS > [2008.10.17 04:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\IaStor.sys [2008.10.17 04:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\drivers\iaStor.sys [2008.10.17 04:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3c4af4a0\iaStor.sys [2008.10.17 04:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_976b5a8f\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\*.dll /lockedfiles > [2008.09.25 02:44:10 | 000,421,888 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll < %USERPROFILE%\*.* > [2013.06.08 23:21:24 | 002,097,152 | -HS- | M] () -- C:\Users\Luzifer\ntuser.dat [2013.06.08 23:21:24 | 000,262,144 | -H-- | M] () -- C:\Users\Luzifer\ntuser.dat.LOG1 [2012.08.05 11:39:03 | 000,000,000 | -H-- | M] () -- C:\Users\Luzifer\ntuser.dat.LOG2 [2013.06.08 21:15:37 | 000,065,536 | -HS- | M] () -- C:\Users\Luzifer\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2013.06.08 21:15:37 | 000,524,288 | -HS- | M] () -- C:\Users\Luzifer\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2012.08.05 14:01:01 | 000,524,288 | -HS- | M] () -- C:\Users\Luzifer\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2008.01.21 03:42:57 | 000,000,020 | -HS- | M] () -- C:\Users\Luzifer\ntuser.ini [2013.01.26 00:22:59 | 000,000,001 | R--- | M] () -- C:\Users\Luzifer\serverport < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 < > < End of report > Erster Scan, Extra-Datei vor euren AnweisungOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 08.06.2013 19:19:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luzifer\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,97 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 49,36% Memory free
6,13 Gb Paging File | 4,56 Gb Available in Paging File | 74,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 217,86 Gb Total Space | 139,64 Gb Free Space | 64,10% Space Free | Partition Type: NTFS
Drive D: | 70,83 Gb Total Space | 70,65 Gb Free Space | 99,75% Space Free | Partition Type: NTFS
Drive G: | 70,93 Gb Total Space | 59,57 Gb Free Space | 83,98% Space Free | Partition Type: NTFS
Computer Name: LUZIFER-PC | User Name: Luzifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1322557523-2006374409-1625639609-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11BB58CC-E14E-436F-BA7F-B75D1C3B9E9B}" = rport=137 | protocol=17 | dir=out | app=system |
"{16BE3345-E9DC-4718-B9E3-A7883C320D94}" = lport=139 | protocol=6 | dir=in | app=system |
"{1F0CECBC-7A21-400B-BDCC-455FCC69F064}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{21C1FE20-B052-4ECE-B99F-1DB94CB210EF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{266F0778-5AB6-49D7-8766-3A03C4D8C4D2}" = rport=139 | protocol=6 | dir=out | app=system |
"{4AFD6186-1BBA-4ACA-87E1-D44225CEA82C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4F6EF5B1-8589-4822-95EE-CAC9FBCA49ED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{529ADDD5-367D-4A2A-89B8-A6C66CA76045}" = lport=138 | protocol=17 | dir=in | app=system |
"{553FAC7A-8284-49B8-9523-3082515AA207}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7939121E-70A1-4A41-BA77-DB7EA5A9FCF3}" = lport=137 | protocol=17 | dir=in | app=system |
"{878C590F-BF1C-40F3-92F7-7A0A6197E685}" = rport=138 | protocol=17 | dir=out | app=system |
"{8E47A0A1-0DF4-4587-8461-491DDA2E83BB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{900A59C0-1CC4-49FB-B987-612A38F99D23}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9238B44F-B087-4B1D-91C2-7860DE153F3F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9552AE6D-A591-4562-A09E-B9834AC17C1B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A6BC3AD4-6ACE-48E2-8AB7-DAA23C1C55B6}" = lport=445 | protocol=6 | dir=in | app=system |
"{B811DD6B-1994-4330-8527-115716F30431}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C8048B9E-1955-4893-8EE9-5AA31A99CE6E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D8312AAB-CC4B-4338-AB80-C5C4A4A64668}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{064380B3-9A59-4BDF-93C4-ADA64BC3F198}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{13E831AF-F860-4961-936D-0B824A1E6E89}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{2853E22D-F23D-49F7-B553-061F2A76F983}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{39CDD2B8-7572-43BD-BFBD-623DF39CB946}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3CBB65AE-DFEB-43A7-AC71-AE0137D6966E}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{3E57570F-B7E6-48B7-BB4C-89601F00B43A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{43ECF99D-F702-4A03-B970-1EECC9E57271}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{48B9F099-20F0-4688-8C28-67E0B5A96B70}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{4A3255F4-0056-4D1E-B3C5-11AE48E1FA69}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{4C613E03-9FF0-465E-834F-A668782B8AA6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{67D0FC26-6C07-4B9D-9112-18BCE5FF1C7D}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{71DA052F-FA6D-445C-9D98-E5ABF9ED645A}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{8FBE1AD2-3E56-44F7-8CA4-E549495F595E}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{908C4F3E-1EBC-4AED-B77E-A23A93461F1F}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{934EEDA2-78D2-4078-8B0F-1812739C76B2}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{94ACB65F-B338-4949-9CC1-6418A59D648E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{994BF859-FA90-4517-ADAE-F16AABC09560}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{A43DE983-5726-4D59-844D-5385E421F606}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A47F399B-28F9-4AF0-AA94-D6B168CEAC08}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CB8A933B-1A6F-4158-93B5-4892BF277BCE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D5A86384-1294-496E-966B-169D98D015DA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D6D5EF51-4540-46F6-843C-ED90642ECF21}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{E5004AF1-4513-4109-B056-AE8273E6ACE5}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{FA6B13DC-66E5-47DF-822E-BC59F54164C4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FB3E8ACF-77F1-4DD2-A299-446C95AE107E}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{FCFFFE9C-A218-4CE4-9545-A96DED0774ED}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"TCP Query User{54A6C59D-A593-444F-8E5E-F70D9EB9D207}C:\users\luzifer\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=6 | dir=in | app=c:\users\luzifer\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light |
"TCP Query User{6E7D4B6C-701B-499E-941D-5CFBE7A97C13}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{DE619FF4-8963-42ED-9584-8C0866BF1CBF}C:\users\luzifer\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=17 | dir=in | app=c:\users\luzifer\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light |
"UDP Query User{F118C519-5B1B-4EDC-9773-74F1E70531BB}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{018F8F57-B46B-B9B9-C452-DE8F5618434F}" = Catalyst Control Center Graphics Full Existing
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07C93E59-2DE3-1565-28A9-8C848B26D0F5}" = CCC Help German
"{088C7311-A3BB-43C5-B046-C114D2F9728C}" = VAIO Media plus
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A6F9244-8C79-1296-3A43-097F67EB666A}" = Catalyst Control Center Localization Dutch
"{0E3C2706-59A3-426E-A0EA-65BFF05048C7}" = VAIO Content Metadata Intelligent Analyzing Manager
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1790FDA2-938F-C886-8988-1ECB74E45517}" = Catalyst Control Center Localization Norwegian
"{1C815731-19F3-0770-8776-D78D6BEBC291}" = Catalyst Control Center Localization Hungarian
"{1EC06E70-BE43-DAAA-A217-E5C98869B1F8}" = Catalyst Control Center Localization Greek
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{252E50FD-F27C-C8DD-C9E2-D2845A2DC399}" = ATI Catalyst Install Manager
"{25BA8D5A-228A-7192-6FA1-890D9F1C679F}" = CCC Help Korean
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{327B75F0-92AF-420A-988F-FA596A218E0B}" = VAIO Content Folder Watcher
"{36557787-E9BE-40E0-8627-C6C3486FF1CF}" = VAIO Content Metadata Intelligent Analyzing Manager
"{36BDB1C2-CC66-41EB-B7DD-76339A7BB046}" = VAIO Edit Components
"{3B311FB9-5B6A-328C-D7AE-2445D639D886}" = CCC Help Norwegian
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D333C7C-102B-F474-9524-72AAA3F292B8}" = Catalyst Control Center Localization Danish
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{4529BC6B-16AE-6829-4946-36C33DBF8DD1}" = Catalyst Control Center Localization French
"{46D7A7FB-305B-F77D-60F8-8FAE1C432374}" = Catalyst Control Center InstallProxy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{527EB2A4-BF51-B1B6-3F09-2032A861548E}" = Catalyst Control Center Graphics Light
"{52A7C6A6-6B88-47D1-922E-9F8A7E089E6A}" = Intel(R) PROSet/Wireless WiFi-Software
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{55AF809F-BD6D-45AF-A2C2-833308FA432A}" = VAIO Content Metadata XML Interface Library
"{55C0F7C1-8B6D-CBBD-2B88-EE7261A87254}" = CCC Help Greek
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{629FD96D-5877-0832-2D31-0EFE781F870D}" = CCC Help Portuguese
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{652C5DED-9B9F-93D0-5E94-931B8C38EF0E}" = Catalyst Control Center Localization Thai
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69C8B1E3-2665-4A0F-B049-67746E5C4CE3}" = Software Info for Me&My VAIO
"{6A54CB6A-59D1-6A3A-08F3-E34ECF8905A9}" = Catalyst Control Center Graphics Previews Vista
"{6AA6EEA5-BF09-932B-AC25-0E9CCA4B709A}" = CCC Help Danish
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6C4EF0CA-A9DD-96CF-B722-CCDEB589DD26}" = Catalyst Control Center Localization Chinese Traditional
"{6D4673B7-A982-43E5-82E9-13E037681478}" = Click to Disc
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{711D43D7-24FE-A2B7-CC52-A48BCAAF3926}" = Catalyst Control Center Graphics Previews Common
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73496381-83C9-7BE6-6EB6-4CF97C00E5FD}" = CCC Help Polish
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{75F52FAC-16CE-4A2A-B89A-9742F39A1864}" = VAIO Movie Story
"{76D7CCD6-8369-405C-B494-5F34FAE67249}" = Me&My VAIO
"{79BBD55C-9FF6-D496-8AE6-E2EC2829F974}" = Catalyst Control Center Localization Czech
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7CC28423-465C-F4B9-9379-343DF715BE62}" = CCC Help Swedish
"{80828DF5-270E-F8E6-6274-55ACA4C7E229}" = Catalyst Control Center Localization Japanese
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{84037798-D63A-F5CA-9FB2-829B362BF712}" = CCC Help Finnish
"{8470A1D9-536E-C7C1-AE2D-24B739B1665A}" = Catalyst Control Center Localization Russian
"{882683C6-8B60-5CBC-38A8-55ED185FD975}" = CCC Help Turkish
"{8843C5E1-51E5-DFA6-1AD8-757C8DCA7E37}" = CCC Help Russian
"{88C596E4-6882-8E76-EBEF-AB739F5A3B69}" = Catalyst Control Center Localization Italian
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C467DE1-6E04-0888-B281-172909C96F37}" = Skins
"{8C7FB08D-7A84-22E0-F553-F6B827023E17}" = CCC Help Chinese Traditional
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91F2D688-B8CB-4461-A92D-6B35279DAE8F}" = VAIO Content Folder Watcher
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{93F32124-BB54-C599-CF55-E1E57565BCE3}" = CCC Help Czech
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96C951BB-47C8-8497-78F0-7D8D328B58E3}" = Catalyst Control Center Localization Portuguese
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{99D8CD4E-A5D2-A9DF-A152-B28EB5A71F85}" = Catalyst Control Center Localization German
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A2052C95-48CC-4AC9-A8D4-FCD89DDD8F2C}" = VAIO Content Folder Watcher
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A939F952-1C7E-CBF8-EE77-CFBD9C6A4ECC}" = ccc-core-static
"{AA75988E-9EC1-EECE-CE00-D5D935974528}" = CCC Help Dutch
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{ACB5FD4A-6C58-972C-180C-9677C037E71D}" = Catalyst Control Center Localization Chinese Standard
"{ADBDB038-FF77-C672-04A1-7A0E67E8C73C}" = Catalyst Control Center Core Implementation
"{ADECE95F-585D-8B33-BF50-53C2BDA1E241}" = Catalyst Control Center Localization Korean
"{AE0FBCB5-3193-4583-C6CB-AA96F307EA70}" = ccc-utility
"{AFF10119-F154-4888-77F3-B149DE987976}" = Catalyst Control Center Localization Polish
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.5
"{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C767EE67-9AA4-1CBF-8FD4-87F52CBB041D}" = CCC Help Italian
"{C8E57F8C-64FE-28D7-0F65-7BE87AF49745}" = Catalyst Control Center Graphics Full New
"{CAE07D54-A400-DAF9-912B-306DD941B61C}" = Catalyst Control Center Localization Finnish
"{CB6CF566-E06F-2556-55EF-EE149FC6EE7F}" = CCC Help French
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center
"{D355ECA7-DBF5-F22E-4E1A-BF69CFC5CED8}" = CCC Help Japanese
"{D44DF260-2D5A-3277-97D6-C97D1A806CF5}" = CCC Help Thai
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D5FBA9C1-21D3-4210-A604-CF9E38238F35}" = VAIO Entertainment Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D7019E24-BF07-3690-18C7-3D0DE87D09AB}" = CCC Help Chinese Standard
"{D7FFE7EB-1A15-864C-B335-E768BF623B84}" = Catalyst Control Center Localization Swedish
"{DE1F799A-0A02-FF3B-8786-195E91D0DE94}" = CCC Help Spanish
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E31010F6-DE18-0E9F-E028-FC709306C6F1}" = Catalyst Control Center Localization Turkish
"{E3453B1B-C91B-4C48-B046-8DF635DD46F2}" = VAIO Content Metadata XML Interface Library
"{E464702F-5433-46EC-8F65-159276C0A54F}" = WIDCOMM Bluetooth Software 6.2.0.5800
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5BD6683-301D-B224-FB7C-320299CD51F9}" = CCC Help Hungarian
"{E9730C7A-E5DA-8222-45FE-2D71E810BE46}" = Catalyst Control Center Localization Spanish
"{EA39F1F5-D4A1-C02A-0865-7F6A95A33A56}" = CCC Help English
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EADE97A7-E7AA-43FD-A042-92A68E0187A6}" = VAIO Content Metadata Manager Setting
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{ECB5774A-A39B-4419-A7D3-92F49C0FCAB3}" = VAIO Content Metadata Intelligent Analyzing Manager
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EDF6A69E-967B-4F17-B537-647CA205EC1D}" = VAIO Content Metadata Manager Setting
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2D7A126-9648-4588-9C3E-7C1E7FD22C23}" = SonicStage Mastering Studio
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"avast" = avast! Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Converter_is1" = Converter version 0.1
"dt icon module" =
"DVDVideoSoftTB_DE Toolbar" = DVDVideoSoftTB DE Toolbar
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free YouTube Download_is1" = Free YouTube Download version 3.1.42.1212
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.36.1201
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.5.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MarketingTools" = VAIO Marketing Tools
"MFU Module" =
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa2" = Picasa 2
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"ProInst" = Intel PROSet Wireless
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VAIO Help and Support" =
"VLC media player" = VLC media player 2.0.5
"WNLT" = IB Updater Service
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1322557523-2006374409-1625639609-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RYL2NORTHPOLE" = RYL2NORTHPOLE
"RYL2NORTHPOLE v2025" = RYL2NORTHPOLE v2025
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.05.2013 11:14:47 | Computer Name = Luzifer-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 14.05.2013 11:14:49 | Computer Name = Luzifer-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 00:48:51 | Computer Name = Luzifer-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 00:48:52 | Computer Name = Luzifer-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 15.05.2013 00:52:14 | Computer Name = Luzifer-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 15.05.2013 00:52:14 | Computer Name = Luzifer-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 15.05.2013 00:52:14 | Computer Name = Luzifer-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 15.05.2013 00:52:14 | Computer Name = Luzifer-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 15.05.2013 10:48:22 | Computer Name = Luzifer-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 10:48:22 | Computer Name = Luzifer-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
[ System Events ]
Error - 06.06.2013 00:32:13 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 06.06.2013 00:32:13 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 06.06.2013 12:17:11 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 06.06.2013 12:17:11 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 07.06.2013 05:10:29 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 07.06.2013 05:10:29 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 07.06.2013 07:57:39 | Computer Name = Luzifer-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 08.06.2013 12:29:55 | Computer Name = Luzifer-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 07.06.2013 um 20:28:17 unerwartet heruntergefahren.
Error - 08.06.2013 12:30:41 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 08.06.2013 12:30:41 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
Wenn mir jemand sagt, wie ich eine neue Extra datei erstelle, mach ich das natürlich auch...... Hi markusg, sorry, ich will nicht hetzen, habe nächste woche spätschicht und traue mich kaum an den Rechner um irgendwas zu machen, da ich nicht weiss, was ich da aufm rechner habe. Warte auf sehnsüchtig auf weitere Anweisungen  |
|
09.06.2013, 18:26
| #6 |
| /// Malware-holic | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? Hi, das ist normal Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? |
|
09.06.2013, 19:58
| #7 |
| | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? ok, hier die TDSSlog 20:28:40.0111 1464 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 20:28:40.0228 1464 ============================================================ 20:28:40.0228 1464 Current date / time: 2013/06/09 20:28:40.0228 20:28:40.0228 1464 SystemInfo: 20:28:40.0228 1464 20:28:40.0228 1464 OS Version: 6.0.6002 ServicePack: 2.0 20:28:40.0228 1464 Product type: Workstation 20:28:40.0228 1464 ComputerName: LUZIFER-PC 20:28:40.0228 1464 UserName: Luzifer 20:28:40.0228 1464 Windows directory: C:\Windows 20:28:40.0228 1464 System windows directory: C:\Windows 20:28:40.0228 1464 Processor architecture: Intel x86 20:28:40.0228 1464 Number of processors: 2 20:28:40.0228 1464 Page size: 0x1000 20:28:40.0229 1464 Boot type: Normal boot 20:28:40.0229 1464 ============================================================ 20:28:40.0948 1464 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 20:28:40.0961 1464 ============================================================ 20:28:40.0961 1464 \Device\Harddisk0\DR0: 20:28:40.0961 1464 MBR partitions: 20:28:40.0962 1464 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x19FB800, BlocksNum 0x1B3B77F8 20:28:40.0962 1464 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1CDB3000, BlocksNum 0x8DDDFF8 20:28:40.0992 1464 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x25B91800, BlocksNum 0x8DA7000 20:28:40.0992 1464 ============================================================ 20:28:41.0050 1464 C: <-> \Device\Harddisk0\DR0\Partition1 20:28:41.0093 1464 D: <-> \Device\Harddisk0\DR0\Partition3 20:28:41.0142 1464 G: <-> \Device\Harddisk0\DR0\Partition2 20:28:41.0143 1464 ============================================================ 20:28:41.0143 1464 Initialize success 20:28:41.0143 1464 ============================================================ 20:51:46.0396 3544 ============================================================ 20:51:46.0396 3544 Scan started 20:51:46.0396 3544 Mode: Manual; SigCheck; TDLFS; 20:51:46.0396 3544 ============================================================ 20:51:47.0176 3544 ================ Scan system memory ======================== 20:51:47.0176 3544 System memory - ok 20:51:47.0176 3544 ================ Scan services ============================= 20:51:47.0878 3544 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 20:51:48.0112 3544 ACDaemon - ok 20:51:48.0845 3544 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 20:51:48.0923 3544 ACPI - ok 20:51:49.0079 3544 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 20:51:49.0126 3544 AdobeActiveFileMonitor6.0 - ok 20:51:49.0251 3544 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 20:51:49.0313 3544 AdobeARMservice - ok 20:51:49.0438 3544 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 20:51:49.0500 3544 AdobeFlashPlayerUpdateSvc - ok 20:51:49.0563 3544 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 20:51:49.0641 3544 adp94xx - ok 20:51:49.0703 3544 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 20:51:49.0765 3544 adpahci - ok 20:51:49.0812 3544 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 20:51:49.0875 3544 adpu160m - ok 20:51:49.0906 3544 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 20:51:49.0953 3544 adpu320 - ok 20:51:49.0984 3544 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:51:50.0077 3544 AeLookupSvc - ok 20:51:50.0140 3544 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 20:51:50.0249 3544 AFD - ok 20:51:50.0296 3544 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 20:51:50.0327 3544 agp440 - ok 20:51:50.0374 3544 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 20:51:50.0389 3544 aic78xx - ok 20:51:50.0421 3544 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 20:51:50.0467 3544 ALG - ok 20:51:50.0499 3544 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 20:51:50.0530 3544 aliide - ok 20:51:50.0545 3544 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 20:51:50.0561 3544 amdagp - ok 20:51:50.0577 3544 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 20:51:50.0608 3544 amdide - ok 20:51:50.0623 3544 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 20:51:50.0686 3544 AmdK7 - ok 20:51:50.0701 3544 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 20:51:50.0779 3544 AmdK8 - ok 20:51:50.0842 3544 [ 9325E49D555D8F12CE1735227DBB3D80 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 20:51:50.0857 3544 ApfiltrService - ok 20:51:50.0904 3544 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 20:51:50.0982 3544 Appinfo - ok 20:51:51.0013 3544 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 20:51:51.0029 3544 arc - ok 20:51:51.0076 3544 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 20:51:51.0107 3544 arcsas - ok 20:51:51.0138 3544 [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 20:51:51.0169 3544 ArcSoftKsUFilter - ok 20:51:51.0201 3544 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 20:51:51.0232 3544 aswFsBlk - ok 20:51:51.0294 3544 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 20:51:51.0310 3544 aswMonFlt - ok 20:51:51.0325 3544 [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr C:\Windows\system32\drivers\AswRdr.sys 20:51:51.0341 3544 AswRdr - ok 20:51:51.0357 3544 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 20:51:51.0388 3544 aswRvrt - ok 20:51:51.0419 3544 [ 6CAB0A5991C5C0FC63F5E66593E71D7E ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 20:51:51.0481 3544 aswSnx - ok 20:51:51.0528 3544 [ 99102F60F344BEBAF4F6114514FD28D3 ] aswSP C:\Windows\system32\drivers\aswSP.sys 20:51:51.0591 3544 aswSP - ok 20:51:51.0622 3544 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 20:51:51.0637 3544 aswTdi - ok 20:51:51.0653 3544 [ 16B8E3CD50A460EC32CA680C8210A0A9 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 20:51:51.0669 3544 aswVmm - ok 20:51:51.0700 3544 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:51:51.0762 3544 AsyncMac - ok 20:51:51.0793 3544 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys 20:51:51.0809 3544 atapi - ok 20:51:51.0887 3544 [ 6455100A6CDB1DEDC551E12FD41BC519 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 20:51:51.0996 3544 Ati External Event Utility - ok 20:51:52.0480 3544 [ 9F66D1BA97911731133E46212539A08D ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 20:51:52.0761 3544 atikmdag - ok 20:51:52.0823 3544 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:51:52.0917 3544 AudioEndpointBuilder - ok 20:51:52.0948 3544 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 20:51:52.0995 3544 Audiosrv - ok 20:51:53.0057 3544 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 20:51:53.0073 3544 avast! Antivirus - ok 20:51:53.0135 3544 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 20:51:53.0229 3544 Beep - ok 20:51:53.0291 3544 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 20:51:53.0400 3544 BFE - ok 20:51:53.0587 3544 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll 20:51:53.0743 3544 BITS - ok 20:51:53.0775 3544 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 20:51:53.0837 3544 blbdrive - ok 20:51:53.0899 3544 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:51:53.0977 3544 bowser - ok 20:51:54.0024 3544 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 20:51:54.0087 3544 BrFiltLo - ok 20:51:54.0102 3544 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 20:51:54.0180 3544 BrFiltUp - ok 20:51:54.0243 3544 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 20:51:54.0367 3544 Browser - ok 20:51:54.0882 3544 [ 013A330F16B1CECBDE5CB6F921689523 ] BrowserDefendert C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe 20:51:55.0038 3544 BrowserDefendert - ok 20:51:55.0069 3544 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 20:51:55.0132 3544 Brserid - ok 20:51:55.0163 3544 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 20:51:55.0319 3544 BrSerWdm - ok 20:51:55.0335 3544 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 20:51:55.0428 3544 BrUsbMdm - ok 20:51:55.0444 3544 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 20:51:55.0506 3544 BrUsbSer - ok 20:51:55.0537 3544 [ CCE53AFC28347CC18EA139972E5B5E5A ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 20:51:55.0600 3544 BthEnum - ok 20:51:55.0631 3544 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 20:51:55.0725 3544 BTHMODEM - ok 20:51:55.0756 3544 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 20:51:55.0818 3544 BthPan - ok 20:51:55.0881 3544 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 20:51:55.0990 3544 BTHPORT - ok 20:51:56.0052 3544 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll 20:51:56.0115 3544 BthServ - ok 20:51:56.0146 3544 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 20:51:56.0224 3544 BTHUSB - ok 20:51:56.0271 3544 [ 14164C0CFD9D5A2704FDAB93A9688630 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 20:51:56.0302 3544 btwaudio - ok 20:51:56.0333 3544 [ 94DC6E5F3F532C5054F078D845714129 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 20:51:56.0349 3544 btwavdt - ok 20:51:56.0489 3544 [ C832A3622A35CA7C595EA8CA385BA813 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 20:51:56.0536 3544 btwdins - ok 20:51:56.0583 3544 [ B9920FB30BCAFF10C111654909B275C9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 20:51:56.0598 3544 btwl2cap - ok 20:51:56.0614 3544 [ 61E29BA977B972C9BAA847CC11D48C3D ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 20:51:56.0645 3544 btwrchid - ok 20:51:56.0692 3544 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:51:56.0770 3544 cdfs - ok 20:51:56.0801 3544 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 20:51:56.0863 3544 cdrom - ok 20:51:56.0941 3544 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 20:51:57.0035 3544 CertPropSvc - ok 20:51:57.0051 3544 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 20:51:57.0097 3544 circlass - ok 20:51:57.0160 3544 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 20:51:57.0207 3544 CLFS - ok 20:51:57.0456 3544 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:51:57.0519 3544 clr_optimization_v2.0.50727_32 - ok 20:51:57.0597 3544 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:51:57.0643 3544 clr_optimization_v4.0.30319_32 - ok 20:51:57.0690 3544 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 20:51:57.0784 3544 CmBatt - ok 20:51:57.0815 3544 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 20:51:57.0862 3544 cmdide - ok 20:51:57.0893 3544 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 20:51:57.0940 3544 Compbatt - ok 20:51:57.0955 3544 COMSysApp - ok 20:51:57.0971 3544 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 20:51:58.0018 3544 crcdisk - ok 20:51:58.0049 3544 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 20:51:58.0127 3544 Crusoe - ok 20:51:58.0189 3544 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:51:58.0283 3544 CryptSvc - ok 20:51:58.0423 3544 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 20:51:58.0533 3544 DcomLaunch - ok 20:51:58.0626 3544 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:51:58.0720 3544 DfsC - ok 20:51:59.0063 3544 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 20:51:59.0297 3544 DFSR - ok 20:51:59.0391 3544 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 20:51:59.0453 3544 Dhcp - ok 20:51:59.0484 3544 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 20:51:59.0515 3544 disk - ok 20:51:59.0578 3544 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys 20:51:59.0593 3544 DMICall - ok 20:51:59.0640 3544 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:51:59.0687 3544 Dnscache - ok 20:51:59.0749 3544 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 20:51:59.0843 3544 dot3svc - ok 20:51:59.0890 3544 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 20:51:59.0999 3544 DPS - ok 20:52:00.0061 3544 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:52:00.0139 3544 drmkaud - ok 20:52:00.0295 3544 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:52:00.0405 3544 DXGKrnl - ok 20:52:00.0467 3544 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 20:52:00.0514 3544 E1G60 - ok 20:52:00.0576 3544 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 20:52:00.0639 3544 EapHost - ok 20:52:00.0748 3544 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 20:52:00.0810 3544 Ecache - ok 20:52:00.0919 3544 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:52:00.0997 3544 ehRecvr - ok 20:52:01.0029 3544 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 20:52:01.0107 3544 ehSched - ok 20:52:01.0122 3544 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 20:52:01.0185 3544 ehstart - ok 20:52:01.0247 3544 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 20:52:01.0325 3544 elxstor - ok 20:52:01.0497 3544 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 20:52:01.0637 3544 EMDMgmt - ok 20:52:01.0684 3544 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 20:52:01.0746 3544 ErrDev - ok 20:52:01.0840 3544 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 20:52:01.0933 3544 EventSystem - ok 20:52:02.0136 3544 [ BA6063E3375F9BC11A9C8450A7F61E70 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 20:52:02.0230 3544 EvtEng ( UnsignedFile.Multi.Generic ) - warning 20:52:02.0230 3544 EvtEng - detected UnsignedFile.Multi.Generic (1) 20:52:02.0292 3544 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 20:52:02.0401 3544 exfat - ok 20:52:02.0479 3544 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:52:02.0573 3544 fastfat - ok 20:52:02.0620 3544 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 20:52:02.0713 3544 fdc - ok 20:52:02.0776 3544 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 20:52:02.0869 3544 fdPHost - ok 20:52:02.0885 3544 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 20:52:03.0041 3544 FDResPub - ok 20:52:03.0088 3544 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:52:03.0135 3544 FileInfo - ok 20:52:03.0166 3544 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:52:03.0275 3544 Filetrace - ok 20:52:03.0353 3544 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 20:52:03.0478 3544 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 20:52:03.0478 3544 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1) 20:52:03.0540 3544 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 20:52:03.0649 3544 flpydisk - ok 20:52:03.0743 3544 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:52:03.0805 3544 FltMgr - ok 20:52:03.0915 3544 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll 20:52:03.0977 3544 FontCache - ok 20:52:04.0117 3544 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 20:52:04.0133 3544 FontCache3.0.0.0 - ok 20:52:04.0195 3544 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:52:04.0273 3544 Fs_Rec - ok 20:52:04.0320 3544 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 20:52:04.0336 3544 gagp30kx - ok 20:52:04.0398 3544 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll 20:52:04.0492 3544 gpsvc - ok 20:52:04.0632 3544 [ 649F407A844DDE2B97BC086AF97D663B ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 20:52:04.0679 3544 gusvc - ok 20:52:04.0726 3544 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:52:04.0804 3544 HdAudAddService - ok 20:52:04.0960 3544 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 20:52:05.0116 3544 HDAudBus - ok 20:52:05.0147 3544 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 20:52:05.0287 3544 HidBth - ok 20:52:05.0334 3544 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 20:52:05.0490 3544 HidIr - ok 20:52:05.0553 3544 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll 20:52:05.0631 3544 hidserv - ok 20:52:05.0677 3544 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 20:52:05.0771 3544 HidUsb - ok 20:52:05.0818 3544 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 20:52:05.0927 3544 hkmsvc - ok 20:52:05.0989 3544 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 20:52:06.0036 3544 HpCISSs - ok 20:52:06.0114 3544 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS 20:52:06.0177 3544 HSFHWAZL - ok 20:52:06.0239 3544 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys 20:52:06.0457 3544 HSF_DPV - ok 20:52:06.0520 3544 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys 20:52:06.0582 3544 HSXHWAZL - ok 20:52:06.0645 3544 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:52:06.0754 3544 HTTP - ok 20:52:06.0816 3544 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 20:52:06.0879 3544 i2omp - ok 20:52:06.0925 3544 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 20:52:07.0003 3544 i8042prt - ok 20:52:07.0113 3544 [ 8EF427C54497C5F8A7A645990E4278C7 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 20:52:07.0159 3544 iaStor - ok 20:52:07.0206 3544 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 20:52:07.0269 3544 iaStorV - ok 20:52:07.0393 3544 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 20:52:07.0518 3544 idsvc - ok 20:52:07.0549 3544 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 20:52:07.0581 3544 iirsp - ok 20:52:07.0627 3544 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 20:52:07.0768 3544 IKEEXT - ok 20:52:07.0971 3544 [ 4A0F260DF9A5333C07F4AB40CA9D4F4B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 20:52:08.0220 3544 IntcAzAudAddService - ok 20:52:08.0267 3544 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 20:52:08.0314 3544 intelide - ok 20:52:08.0361 3544 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 20:52:08.0439 3544 intelppm - ok 20:52:08.0470 3544 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:52:08.0532 3544 IPBusEnum - ok 20:52:08.0548 3544 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:52:08.0610 3544 IpFilterDriver - ok 20:52:08.0641 3544 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:52:08.0688 3544 iphlpsvc - ok 20:52:08.0704 3544 IpInIp - ok 20:52:08.0719 3544 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 20:52:08.0797 3544 IPMIDRV - ok 20:52:08.0829 3544 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 20:52:08.0875 3544 IPNAT - ok 20:52:08.0891 3544 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:52:08.0922 3544 IRENUM - ok 20:52:08.0969 3544 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:52:09.0000 3544 isapnp - ok 20:52:09.0031 3544 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 20:52:09.0063 3544 iScsiPrt - ok 20:52:09.0078 3544 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 20:52:09.0109 3544 iteatapi - ok 20:52:09.0141 3544 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 20:52:09.0172 3544 iteraid - ok 20:52:09.0234 3544 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 20:52:09.0250 3544 IviRegMgr - ok 20:52:09.0281 3544 jgwlhdkr - ok 20:52:09.0297 3544 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 20:52:09.0312 3544 kbdclass - ok 20:52:09.0343 3544 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 20:52:09.0390 3544 kbdhid - ok 20:52:09.0453 3544 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 20:52:09.0515 3544 KeyIso - ok 20:52:09.0546 3544 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:52:09.0577 3544 KSecDD - ok 20:52:09.0640 3544 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 20:52:09.0718 3544 KtmRm - ok 20:52:09.0780 3544 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll 20:52:09.0811 3544 LanmanServer - ok 20:52:09.0827 3544 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:52:09.0858 3544 LanmanWorkstation - ok 20:52:09.0905 3544 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:52:09.0952 3544 lltdio - ok 20:52:09.0999 3544 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:52:10.0077 3544 lltdsvc - ok 20:52:10.0108 3544 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:52:10.0201 3544 lmhosts - ok 20:52:10.0233 3544 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 20:52:10.0264 3544 LSI_FC - ok 20:52:10.0279 3544 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 20:52:10.0295 3544 LSI_SAS - ok 20:52:10.0311 3544 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 20:52:10.0342 3544 LSI_SCSI - ok 20:52:10.0357 3544 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 20:52:10.0420 3544 luafv - ok 20:52:10.0467 3544 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:52:10.0529 3544 Mcx2Svc - ok 20:52:10.0576 3544 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 20:52:10.0623 3544 mdmxsdk - ok 20:52:10.0654 3544 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 20:52:10.0685 3544 megasas - ok 20:52:10.0732 3544 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 20:52:10.0763 3544 MegaSR - ok 20:52:10.0857 3544 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 20:52:10.0919 3544 Microsoft Office Groove Audit Service - ok 20:52:10.0950 3544 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 20:52:11.0028 3544 MMCSS - ok 20:52:11.0059 3544 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 20:52:11.0153 3544 Modem - ok 20:52:11.0184 3544 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:52:11.0262 3544 monitor - ok 20:52:11.0293 3544 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:52:11.0356 3544 mouclass - ok 20:52:11.0387 3544 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:52:11.0481 3544 mouhid - ok 20:52:11.0512 3544 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 20:52:11.0559 3544 MountMgr - ok 20:52:11.0637 3544 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 20:52:11.0683 3544 MozillaMaintenance - ok 20:52:11.0730 3544 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 20:52:11.0777 3544 mpio - ok 20:52:11.0808 3544 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:52:11.0902 3544 mpsdrv - ok 20:52:12.0058 3544 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll 20:52:12.0183 3544 MpsSvc - ok 20:52:12.0245 3544 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 20:52:12.0307 3544 Mraid35x - ok 20:52:12.0354 3544 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:52:12.0448 3544 MRxDAV - ok 20:52:12.0479 3544 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:52:12.0573 3544 mrxsmb - ok 20:52:12.0635 3544 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:52:12.0713 3544 mrxsmb10 - ok 20:52:12.0775 3544 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:52:12.0822 3544 mrxsmb20 - ok 20:52:12.0853 3544 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys 20:52:12.0885 3544 msahci - ok 20:52:12.0963 3544 [ A99D2C7E30AD63EF920A894131CAF5F7 ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe 20:52:13.0025 3544 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning 20:52:13.0025 3544 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1) 20:52:13.0056 3544 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:52:13.0103 3544 msdsm - ok 20:52:13.0119 3544 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 20:52:13.0181 3544 MSDTC - ok 20:52:13.0228 3544 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:52:13.0290 3544 Msfs - ok 20:52:13.0353 3544 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:52:13.0399 3544 msisadrv - ok 20:52:13.0446 3544 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:52:13.0555 3544 MSiSCSI - ok 20:52:13.0571 3544 msiserver - ok 20:52:13.0618 3544 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:52:13.0711 3544 MSKSSRV - ok 20:52:13.0758 3544 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:52:13.0836 3544 MSPCLOCK - ok 20:52:13.0883 3544 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:52:13.0945 3544 MSPQM - ok 20:52:14.0055 3544 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:52:14.0117 3544 MsRPC - ok 20:52:14.0179 3544 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 20:52:14.0226 3544 mssmbios - ok 20:52:14.0257 3544 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:52:14.0351 3544 MSTEE - ok 20:52:14.0398 3544 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys 20:52:14.0460 3544 Mup - ok 20:52:14.0554 3544 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll 20:52:14.0663 3544 napagent - ok 20:52:14.0725 3544 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:52:14.0803 3544 NativeWifiP - ok 20:52:14.0975 3544 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:52:15.0037 3544 NDIS - ok 20:52:15.0100 3544 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:52:15.0178 3544 NdisTapi - ok 20:52:15.0193 3544 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:52:15.0256 3544 Ndisuio - ok 20:52:15.0303 3544 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:52:15.0365 3544 NdisWan - ok 20:52:15.0381 3544 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:52:15.0427 3544 NDProxy - ok 20:52:15.0459 3544 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:52:15.0521 3544 NetBIOS - ok 20:52:15.0583 3544 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 20:52:15.0677 3544 netbt - ok 20:52:15.0693 3544 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe 20:52:15.0739 3544 Netlogon - ok 20:52:15.0833 3544 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 20:52:15.0958 3544 Netman - ok 20:52:15.0989 3544 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 20:52:16.0114 3544 netprofm - ok 20:52:16.0176 3544 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:52:16.0239 3544 NetTcpPortSharing - ok 20:52:16.0707 3544 [ BA420E8EBFCAD35581FE8E4C64F71469 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys 20:52:17.0112 3544 NETw5v32 - ok 20:52:17.0159 3544 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 20:52:17.0221 3544 nfrd960 - ok 20:52:17.0284 3544 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 20:52:17.0377 3544 NlaSvc - ok 20:52:17.0440 3544 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:52:17.0502 3544 Npfs - ok 20:52:17.0549 3544 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 20:52:17.0596 3544 nsi - ok 20:52:17.0611 3544 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:52:17.0674 3544 nsiproxy - ok 20:52:17.0799 3544 [ B30F5C423B45A6668EADAD883678E2D0 ] NSUService C:\Program Files\sony\Network Utility\NSUService.exe 20:52:17.0845 3544 NSUService ( UnsignedFile.Multi.Generic ) - warning 20:52:17.0845 3544 NSUService - detected UnsignedFile.Multi.Generic (1) 20:52:17.0939 3544 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:52:18.0095 3544 Ntfs - ok 20:52:18.0157 3544 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 20:52:18.0313 3544 ntrigdigi - ok 20:52:18.0345 3544 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 20:52:18.0454 3544 Null - ok 20:52:18.0501 3544 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:52:18.0563 3544 nvraid - ok 20:52:18.0579 3544 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:52:18.0641 3544 nvstor - ok 20:52:18.0672 3544 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:52:18.0735 3544 nv_agp - ok 20:52:18.0750 3544 NwlnkFlt - ok 20:52:18.0766 3544 NwlnkFwd - ok 20:52:18.0937 3544 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 20:52:19.0000 3544 odserv - ok 20:52:19.0047 3544 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 20:52:19.0125 3544 ohci1394 - ok 20:52:19.0187 3544 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:52:19.0234 3544 ose - ok 20:52:19.0359 3544 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 20:52:19.0499 3544 p2pimsvc - ok 20:52:19.0561 3544 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 20:52:19.0593 3544 p2psvc - ok 20:52:19.0655 3544 [ 41C33FB4FD929FED732A00D2DAEF5BE0 ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe 20:52:19.0702 3544 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning 20:52:19.0702 3544 PACSPTISVR - detected UnsignedFile.Multi.Generic (1) 20:52:19.0733 3544 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 20:52:19.0795 3544 Parport - ok 20:52:19.0842 3544 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:52:19.0873 3544 partmgr - ok 20:52:19.0889 3544 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 20:52:19.0967 3544 Parvdm - ok 20:52:20.0014 3544 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 20:52:20.0045 3544 PcaSvc - ok 20:52:20.0076 3544 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 20:52:20.0092 3544 pci - ok 20:52:20.0107 3544 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys 20:52:20.0139 3544 pciide - ok 20:52:20.0170 3544 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 20:52:20.0201 3544 pcmcia - ok 20:52:20.0263 3544 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:52:20.0419 3544 PEAUTH - ok 20:52:20.0669 3544 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 20:52:20.0856 3544 pla - ok 20:52:20.0903 3544 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:52:20.0950 3544 PlugPlay - ok 20:52:20.0997 3544 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 20:52:21.0028 3544 PNRPAutoReg - ok 20:52:21.0059 3544 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 20:52:21.0121 3544 PNRPsvc - ok 20:52:21.0137 3544 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:52:21.0215 3544 PolicyAgent - ok 20:52:21.0246 3544 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:52:21.0309 3544 PptpMiniport - ok 20:52:21.0340 3544 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys 20:52:21.0387 3544 Processor - ok 20:52:21.0496 3544 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 20:52:21.0652 3544 ProfSvc - ok 20:52:21.0667 3544 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe 20:52:21.0730 3544 ProtectedStorage - ok 20:52:21.0855 3544 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 20:52:21.0901 3544 PSched - ok 20:52:21.0979 3544 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 20:52:21.0995 3544 PxHelp20 - ok 20:52:22.0260 3544 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 20:52:22.0416 3544 ql2300 - ok 20:52:22.0447 3544 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 20:52:22.0494 3544 ql40xx - ok 20:52:22.0525 3544 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 20:52:22.0603 3544 QWAVE - ok 20:52:22.0650 3544 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:52:22.0697 3544 QWAVEdrv - ok 20:52:22.0713 3544 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:52:22.0822 3544 RasAcd - ok 20:52:22.0853 3544 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 20:52:22.0931 3544 RasAuto - ok 20:52:22.0947 3544 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:52:23.0009 3544 Rasl2tp - ok 20:52:23.0087 3544 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 20:52:23.0149 3544 RasMan - ok 20:52:23.0196 3544 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:52:23.0274 3544 RasPppoe - ok 20:52:23.0321 3544 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:52:23.0352 3544 RasSstp - ok 20:52:23.0399 3544 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:52:23.0430 3544 rdbss - ok 20:52:23.0461 3544 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:52:23.0524 3544 RDPCDD - ok 20:52:23.0555 3544 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 20:52:23.0602 3544 rdpdr - ok 20:52:23.0617 3544 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:52:23.0664 3544 RDPENCDD - ok 20:52:23.0711 3544 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:52:23.0742 3544 RDPWD - ok 20:52:23.0773 3544 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys 20:52:23.0789 3544 regi - ok 20:52:23.0883 3544 [ 7EEEEC28A34516E66137F355DCC15BDB ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 20:52:23.0898 3544 RegSrvc ( UnsignedFile.Multi.Generic ) - warning 20:52:23.0898 3544 RegSrvc - detected UnsignedFile.Multi.Generic (1) 20:52:23.0945 3544 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:52:23.0992 3544 RemoteAccess - ok 20:52:24.0039 3544 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:52:24.0070 3544 RemoteRegistry - ok 20:52:24.0101 3544 [ 23F486726DA7A9B2F3EC7326421A9C36 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 20:52:24.0132 3544 RFCOMM - ok 20:52:24.0179 3544 [ F7D9ECF41EBD3CF6C65944368150F66B ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 20:52:24.0226 3544 rimsptsk - ok 20:52:24.0241 3544 [ 1BE6C42767A7C67BA31AE32B293B37A3 ] risdptsk C:\Windows\system32\DRIVERS\risdptsk.sys 20:52:24.0273 3544 risdptsk - ok 20:52:24.0304 3544 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 20:52:24.0351 3544 RpcLocator - ok 20:52:24.0397 3544 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 20:52:24.0444 3544 RpcSs - ok 20:52:24.0444 3544 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:52:24.0507 3544 rspndr - ok 20:52:24.0585 3544 [ 065A51298212455584F1811B033B617E ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys 20:52:24.0600 3544 RTHDMIAzAudService - ok 20:52:24.0631 3544 [ DF1970AB067B4BA4221F0AD0AB9EBB30 ] RtkAudioService C:\Windows\RtkAudioService.exe 20:52:24.0678 3544 RtkAudioService ( UnsignedFile.Multi.Generic ) - warning 20:52:24.0678 3544 RtkAudioService - detected UnsignedFile.Multi.Generic (1) 20:52:24.0678 3544 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 20:52:24.0709 3544 SamSs - ok 20:52:24.0741 3544 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:52:24.0756 3544 sbp2port - ok 20:52:24.0819 3544 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:52:24.0865 3544 SCardSvr - ok 20:52:24.0912 3544 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 20:52:25.0021 3544 Schedule - ok 20:52:25.0053 3544 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 20:52:25.0084 3544 SCPolicySvc - ok 20:52:25.0131 3544 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 20:52:25.0193 3544 sdbus - ok 20:52:25.0224 3544 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:52:25.0287 3544 SDRSVC - ok 20:52:25.0302 3544 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:52:25.0396 3544 secdrv - ok 20:52:25.0411 3544 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 20:52:25.0474 3544 seclogon - ok 20:52:25.0489 3544 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 20:52:25.0567 3544 SENS - ok 20:52:25.0614 3544 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 20:52:25.0692 3544 Serenum - ok 20:52:25.0708 3544 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 20:52:25.0801 3544 Serial - ok 20:52:25.0833 3544 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 20:52:25.0879 3544 sermouse - ok 20:52:25.0926 3544 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 20:52:25.0989 3544 SessionEnv - ok 20:52:26.0051 3544 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys 20:52:26.0098 3544 SFEP - ok 20:52:26.0129 3544 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:52:26.0160 3544 sffdisk - ok 20:52:26.0176 3544 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:52:26.0238 3544 sffp_mmc - ok 20:52:26.0254 3544 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:52:26.0285 3544 sffp_sd - ok 20:52:26.0301 3544 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 20:52:26.0379 3544 sfloppy - ok 20:52:26.0441 3544 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:52:26.0503 3544 SharedAccess - ok 20:52:26.0566 3544 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:52:26.0644 3544 ShellHWDetection - ok 20:52:26.0659 3544 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 20:52:26.0706 3544 sisagp - ok 20:52:26.0737 3544 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 20:52:26.0769 3544 SiSRaid2 - ok 20:52:26.0800 3544 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:52:26.0831 3544 SiSRaid4 - ok 20:52:26.0893 3544 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 20:52:26.0925 3544 SkypeUpdate - ok 20:52:27.0221 3544 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 20:52:27.0580 3544 slsvc - ok 20:52:27.0627 3544 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 20:52:27.0689 3544 SLUINotify - ok 20:52:27.0720 3544 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:52:27.0798 3544 Smb - ok 20:52:27.0845 3544 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:52:27.0892 3544 SNMPTRAP - ok 20:52:28.0032 3544 [ 1A9DD46C547646A54CDB4065C1996A07 ] SOHCImp C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe 20:52:28.0095 3544 SOHCImp - ok 20:52:28.0141 3544 [ 2E1B0D8278BB616148DDCA13DAE87544 ] SOHDms C:\Program Files\Sony\VAIO Media plus\SOHDms.exe 20:52:28.0204 3544 SOHDms - ok 20:52:28.0251 3544 [ 892529EE03211C35AEA7132E119F4862 ] SOHDs C:\Program Files\Sony\VAIO Media plus\SOHDs.exe 20:52:28.0297 3544 SOHDs - ok 20:52:28.0344 3544 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 20:52:28.0391 3544 spldr - ok 20:52:28.0438 3544 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 20:52:28.0485 3544 Spooler - ok 20:52:28.0531 3544 [ F63102F289AE2039940B22E9B2A8E0BD ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe 20:52:28.0547 3544 SPTISRV ( UnsignedFile.Multi.Generic ) - warning 20:52:28.0547 3544 SPTISRV - detected UnsignedFile.Multi.Generic (1) 20:52:28.0578 3544 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:52:28.0656 3544 srv - ok 20:52:28.0703 3544 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:52:28.0750 3544 srv2 - ok 20:52:28.0765 3544 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:52:28.0797 3544 srvnet - ok 20:52:28.0828 3544 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:52:28.0890 3544 SSDPSRV - ok 20:52:28.0937 3544 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:52:28.0984 3544 SstpSvc - ok 20:52:29.0077 3544 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 20:52:29.0124 3544 stisvc - ok 20:52:29.0140 3544 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 20:52:29.0155 3544 swenum - ok 20:52:29.0265 3544 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 20:52:29.0389 3544 swprv - ok 20:52:29.0405 3544 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 20:52:29.0421 3544 Symc8xx - ok 20:52:29.0436 3544 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 20:52:29.0452 3544 Sym_hi - ok 20:52:29.0467 3544 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 20:52:29.0499 3544 Sym_u3 - ok 20:52:29.0577 3544 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 20:52:29.0686 3544 SysMain - ok 20:52:29.0733 3544 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:52:29.0764 3544 TabletInputService - ok 20:52:29.0842 3544 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 20:52:29.0935 3544 TapiSrv - ok 20:52:29.0967 3544 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 20:52:30.0045 3544 TBS - ok 20:52:30.0185 3544 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:52:30.0325 3544 Tcpip - ok 20:52:30.0403 3544 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 20:52:30.0450 3544 Tcpip6 - ok 20:52:30.0497 3544 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:52:30.0528 3544 tcpipreg - ok 20:52:30.0559 3544 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:52:30.0637 3544 TDPIPE - ok 20:52:30.0669 3544 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:52:30.0715 3544 TDTCP - ok 20:52:30.0778 3544 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:52:30.0825 3544 tdx - ok 20:52:30.0840 3544 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 20:52:30.0871 3544 TermDD - ok 20:52:30.0934 3544 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 20:52:31.0012 3544 TermService - ok 20:52:31.0043 3544 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 20:52:31.0074 3544 Themes - ok 20:52:31.0090 3544 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 20:52:31.0137 3544 THREADORDER - ok 20:52:31.0183 3544 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 20:52:31.0277 3544 TrkWks - ok 20:52:31.0355 3544 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:52:31.0464 3544 TrustedInstaller - ok 20:52:31.0511 3544 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:52:31.0620 3544 tssecsrv - ok 20:52:31.0667 3544 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 20:52:31.0698 3544 tunmp - ok 20:52:31.0776 3544 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:52:31.0823 3544 tunnel - ok 20:52:31.0854 3544 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:52:31.0901 3544 uagp35 - ok 20:52:31.0932 3544 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 20:52:31.0963 3544 uCamMonitor - ok 20:52:32.0026 3544 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:52:32.0104 3544 udfs - ok 20:52:32.0151 3544 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:52:32.0197 3544 UI0Detect - ok 20:52:32.0197 3544 UIUSys - ok 20:52:32.0229 3544 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:52:32.0260 3544 uliagpkx - ok 20:52:32.0307 3544 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 20:52:32.0353 3544 uliahci - ok 20:52:32.0385 3544 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 20:52:32.0416 3544 UlSata - ok 20:52:32.0447 3544 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 20:52:32.0478 3544 ulsata2 - ok 20:52:32.0494 3544 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:52:32.0525 3544 umbus - ok 20:52:32.0587 3544 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 20:52:32.0665 3544 upnphost - ok 20:52:32.0728 3544 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:52:32.0775 3544 usbccgp - ok 20:52:32.0806 3544 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:52:32.0899 3544 usbcir - ok 20:52:32.0931 3544 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 20:52:32.0977 3544 usbehci - ok 20:52:33.0024 3544 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:52:33.0071 3544 usbhub - ok 20:52:33.0102 3544 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 20:52:33.0196 3544 usbohci - ok 20:52:33.0243 3544 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 20:52:33.0289 3544 usbprint - ok 20:52:33.0336 3544 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:52:33.0383 3544 USBSTOR - ok 20:52:33.0399 3544 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 20:52:33.0477 3544 usbuhci - ok 20:52:33.0539 3544 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 20:52:33.0586 3544 usbvideo - ok 20:52:33.0617 3544 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 20:52:33.0679 3544 UxSms - ok 20:52:33.0804 3544 [ 2A640DC735CB0112AC1DCD1E1549B27E ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe 20:52:33.0820 3544 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning 20:52:33.0820 3544 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1) 20:52:33.0882 3544 [ 2C3DBB9B671AB95245DED1EFC5276CE9 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe 20:52:33.0898 3544 VAIO Event Service - ok 20:52:33.0976 3544 [ C1ED0F71D3B9EA8D774FC7C4CBF7EE7F ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 20:52:34.0023 3544 VAIO Power Management - ok 20:52:34.0179 3544 [ 7773EB681E99217FD92E5E8A5A199AE5 ] VCFw C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 20:52:34.0210 3544 VCFw ( UnsignedFile.Multi.Generic ) - warning 20:52:34.0210 3544 VCFw - detected UnsignedFile.Multi.Generic (1) 20:52:34.0366 3544 [ 2686B87EDC54ED215CE479AC9B7675DE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 20:52:34.0475 3544 VcmIAlzMgr - ok 20:52:34.0553 3544 [ BB5781ED436D3E121F85617C3BBB7AD5 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe 20:52:34.0600 3544 VcmXmlIfHelper - ok 20:52:34.0600 3544 Vcsw - ok 20:52:34.0740 3544 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 20:52:34.0881 3544 vds - ok 20:52:34.0943 3544 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:52:35.0005 3544 vga - ok 20:52:35.0021 3544 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 20:52:35.0083 3544 VgaSave - ok 20:52:35.0115 3544 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 20:52:35.0146 3544 viaagp - ok 20:52:35.0177 3544 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 20:52:35.0208 3544 ViaC7 - ok 20:52:35.0224 3544 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 20:52:35.0271 3544 viaide - ok 20:52:35.0317 3544 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:52:35.0364 3544 volmgr - ok 20:52:35.0395 3544 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:52:35.0442 3544 volmgrx - ok 20:52:35.0489 3544 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:52:35.0520 3544 volsnap - ok 20:52:35.0598 3544 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:52:35.0645 3544 vsmraid - ok 20:52:35.0832 3544 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 20:52:35.0988 3544 VSS - ok 20:52:36.0129 3544 [ 071634532066C2E29350D450C3412837 ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 20:52:36.0175 3544 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning 20:52:36.0175 3544 VzCdbSvc - detected UnsignedFile.Multi.Generic (1) 20:52:36.0238 3544 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 20:52:36.0331 3544 W32Time - ok 20:52:36.0363 3544 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 20:52:36.0472 3544 WacomPen - ok 20:52:36.0503 3544 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 20:52:36.0550 3544 Wanarp - ok 20:52:36.0565 3544 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:52:36.0597 3544 Wanarpv6 - ok 20:52:36.0628 3544 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:52:36.0690 3544 wcncsvc - ok 20:52:36.0721 3544 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:52:36.0768 3544 WcsPlugInService - ok 20:52:36.0799 3544 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 20:52:36.0831 3544 Wd - ok 20:52:36.0877 3544 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:52:36.0940 3544 Wdf01000 - ok 20:52:36.0955 3544 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:52:37.0002 3544 WdiServiceHost - ok 20:52:37.0002 3544 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:52:37.0049 3544 WdiSystemHost - ok 20:52:37.0143 3544 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 20:52:37.0205 3544 WebClient - ok 20:52:37.0252 3544 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:52:37.0299 3544 Wecsvc - ok 20:52:37.0345 3544 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:52:37.0392 3544 wercplsupport - ok 20:52:37.0439 3544 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 20:52:37.0501 3544 WerSvc - ok 20:52:37.0564 3544 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 20:52:37.0579 3544 WimFltr - ok 20:52:37.0611 3544 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys 20:52:37.0720 3544 winachsf - ok 20:52:37.0813 3544 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 20:52:37.0876 3544 WinDefend - ok 20:52:37.0891 3544 WinHttpAutoProxySvc - ok 20:52:38.0125 3544 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:52:38.0203 3544 Winmgmt - ok 20:52:38.0328 3544 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 20:52:38.0515 3544 WinRM - ok 20:52:38.0656 3544 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 20:52:38.0796 3544 Wlansvc - ok 20:52:38.0890 3544 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 20:52:38.0983 3544 WmiAcpi - ok 20:52:39.0108 3544 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:52:39.0171 3544 wmiApSrv - ok 20:52:39.0358 3544 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 20:52:39.0483 3544 WMPNetworkSvc - ok 20:52:39.0514 3544 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:52:39.0576 3544 WPCSvc - ok 20:52:39.0607 3544 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:52:39.0670 3544 WPDBusEnum - ok 20:52:39.0966 3544 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 20:52:40.0075 3544 WPFFontCache_v0400 - ok 20:52:40.0091 3544 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:52:40.0169 3544 ws2ifsl - ok 20:52:40.0231 3544 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 20:52:40.0309 3544 wscsvc - ok 20:52:40.0309 3544 WSearch - ok 20:52:40.0684 3544 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 20:52:40.0918 3544 wuauserv - ok 20:52:40.0996 3544 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:52:41.0074 3544 WudfPf - ok 20:52:41.0121 3544 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:52:41.0199 3544 WUDFRd - ok 20:52:41.0245 3544 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:52:41.0308 3544 wudfsvc - ok 20:52:41.0339 3544 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys 20:52:41.0401 3544 XAudio - ok 20:52:41.0479 3544 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe 20:52:41.0542 3544 XAudioService - ok 20:52:41.0651 3544 [ 67E3D2AF24C3873E6A0CAC89DE78D63B ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys 20:52:41.0682 3544 yukonwlh - ok 20:52:41.0698 3544 ================ Scan global =============================== 20:52:41.0713 3544 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 20:52:41.0807 3544 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll 20:52:41.0869 3544 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll 20:52:41.0932 3544 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 20:52:41.0947 3544 [Global] - ok 20:52:41.0947 3544 ================ Scan MBR ================================== 20:52:41.0979 3544 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 20:52:46.0269 3544 \Device\Harddisk0\DR0 - ok 20:52:46.0269 3544 ================ Scan VBR ================================== 20:52:46.0269 3544 [ 05983EBA6E120252BAF6617A72B6C471 ] \Device\Harddisk0\DR0\Partition1 20:52:46.0300 3544 \Device\Harddisk0\DR0\Partition1 - ok 20:52:46.0331 3544 [ 076E19422DD4F5480C60066F52935400 ] \Device\Harddisk0\DR0\Partition2 20:52:46.0378 3544 \Device\Harddisk0\DR0\Partition2 - ok 20:52:46.0409 3544 [ BA55BC1DBECF9AB5BF8DED9133A84AE2 ] \Device\Harddisk0\DR0\Partition3 20:52:46.0456 3544 \Device\Harddisk0\DR0\Partition3 - ok 20:52:46.0456 3544 ============================================================ 20:52:46.0456 3544 Scan finished 20:52:46.0456 3544 ============================================================ 20:52:46.0487 1508 Detected object count: 11 20:52:46.0487 1508 Actual detected object count: 11 20:53:26.0751 1508 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0751 1508 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:53:26.0751 1508 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0751 1508 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:53:26.0766 1508 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0766 1508 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:53:26.0766 1508 NSUService ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0766 1508 NSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:53:26.0766 1508 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0766 1508 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:53:26.0766 1508 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0766 1508 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:53:26.0766 1508 RtkAudioService ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0766 1508 RtkAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:53:26.0766 1508 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0766 1508 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:53:26.0766 1508 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0766 1508 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:53:26.0766 1508 VCFw ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0766 1508 VCFw ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:53:26.0782 1508 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user 20:53:26.0782 1508 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip |
|
09.06.2013, 20:01
| #8 |
| /// Malware-holic | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? Hi, Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
09.06.2013, 20:13
| #9 |
| | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? ok, bevor ich das gleich mache, habe ich ein, zwei fragen.... Das Virenprogramm NUR deaktivieren, NICHT deinstallieren? Richtig? Muss ich Maleware-byte auch irgendwie still legen? Und wie mache ich das mit den Code-Tags ? Habe das gestern irgendwo gelesen, finde es aber gerade echt nicht, auch nicht über die Suchfunktion. Sorry..... |
|
09.06.2013, 20:15
| #10 |
| /// Malware-holic | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? 1. nur deaktivieren. 2. musst du nicht. 3. Code:
ATTFilter
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
09.06.2013, 20:56
| #11 |
| | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? hier die combofix-log Combofix Logfile: Code:
ATTFilter ComboFix 13-06-08.02 - Luzifer 09.06.2013 21:40:47.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3038.1639 [GMT 2:00]
ausgeführt von:: c:\users\Luzifer\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Public\sdelevURL.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-05-09 bis 2013-06-09 ))))))))))))))))))))))))))))))
.
.
2013-06-09 19:48 . 2013-06-09 19:48 -------- d-----w- c:\users\Luzifer\AppData\Local\temp
2013-06-09 19:48 . 2013-06-09 19:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-09 18:10 . 2013-06-09 18:10 -------- d-----w- c:\programdata\BrowserDefender
2013-06-09 18:09 . 2013-06-09 18:09 -------- d-----w- c:\programdata\Babylon
2013-06-09 18:09 . 2013-06-09 18:09 -------- d-----w- c:\users\Luzifer\AppData\Roaming\Babylon
2013-06-08 16:34 . 2013-06-08 16:34 -------- d-----w- c:\windows\system32\jmdp
2013-06-08 16:34 . 2013-06-08 16:34 -------- d-----w- c:\windows\system32\ARFC
2013-06-08 16:34 . 2013-05-21 13:28 27136 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-06-08 16:34 . 2013-06-08 18:34 -------- d-----w- c:\windows\system32\WNLT
2013-06-07 09:36 . 2013-06-09 15:46 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3605FF7-5E0D-4F1C-A8BD-AEC32DC9DEF2}\offreg.dll
2013-06-07 09:18 . 2013-05-13 06:19 7016152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3605FF7-5E0D-4F1C-A8BD-AEC32DC9DEF2}\mpengine.dll
2013-06-05 21:02 . 2013-05-09 08:59 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-05 21:02 . 2013-05-09 08:59 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-06-05 21:02 . 2013-05-09 08:59 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-06-05 21:02 . 2013-05-09 08:59 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-06-05 21:02 . 2013-05-09 08:59 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-05 21:02 . 2013-05-09 08:59 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-05 21:02 . 2013-05-09 08:59 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-05 21:02 . 2013-05-09 08:59 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-05 21:01 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-06-05 21:00 . 2013-06-05 21:00 -------- d-----w- c:\program files\AVAST Software
2013-06-02 11:42 . 2013-06-02 14:51 -------- d-----w- c:\users\Luzifer\AppData\Roaming\TS3Client
2013-06-02 11:40 . 2013-06-02 11:41 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-05-26 11:26 . 2013-05-26 11:26 -------- d-----w- c:\users\Luzifer\AppData\Local\ArcSoft
2013-05-15 15:06 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 14:56 . 2013-04-04 22:47 149632 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-05-15 14:56 . 2013-04-04 22:00 768512 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2013-05-15 14:56 . 2013-04-04 21:57 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-05-15 14:56 . 2013-04-04 21:59 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-05-15 09:58 . 2013-04-15 14:20 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 09:58 . 2013-04-13 10:56 37376 ----a-w- c:\windows\system32\cdd.dll
2013-05-15 09:57 . 2013-04-09 01:36 2049024 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 08:47 . 2012-08-19 10:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-16 08:47 . 2012-08-19 10:50 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:58 . 2012-08-11 14:40 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2012-08-05 10:52 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 13:16 . 2013-05-01 13:18 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-01 13:16 . 2012-09-29 08:54 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-05-01 13:16 . 2012-09-29 08:54 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-04 12:50 . 2012-08-10 18:09 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
2011-05-09 09:49 176936 ----a-w- c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}"= "c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-11-22 270336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-10-17 6295552]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-09-30 122880]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"AML"="c:\program files\Sony\VAIO Launcher\AML.exe" [2008-09-09 1097728]
"Skytel"="Skytel.exe" [2008-10-17 1826816]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-10-14 776744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-11-05 16:32 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe"
"MarketingTools"=c:\program files\Sony\Marketing Tools\MarketingTools.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 22340143
*Deregistered* - 22340143
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 08:47]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=E42F00215DF25656
TCP: DhcpNameServer = 80.69.100.102 80.69.100.230
FF - ProfilePath - c:\users\Luzifer\AppData\Roaming\Mozilla\Firefox\Profiles\jjzm6vcr.default\
FF - ExtSQL: 2013-06-05 23:01; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-06-09 20:10; ffxtlbr@delta.com; c:\users\Luzifer\AppData\Roaming\Mozilla\Firefox\Profiles\jjzm6vcr.default\extensions\ffxtlbr@delta.com
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - e42f595e00000000000000215df25656
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15865
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.520:10
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119816
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-RunOnce-awde7zip19598 - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-06-09 21:48
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000042
.
Zeit der Fertigstellung: 2013-06-09 21:51:02
ComboFix-quarantined-files.txt 2013-06-09 19:50
.
Vor Suchlauf: 6 Verzeichnis(se), 153.826.940.928 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 154.251.663.360 Bytes frei
.
- - End Of File - - 2DB3DFEE3F0F8FD048513047F895ADC8
A36C5E4F47E84449FF07ED3517B43A31 |
|
09.06.2013, 21:30
| #12 |
| /// Malware-holic | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? malwarebytes: Downloade Dir bitte Malwarebytes
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
10.06.2013, 08:03
| #13 |
| | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? hi, hier die log von malewarebytes ohne befund Malwarebytes Anti-Malware 1.75.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2013.06.09.04 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Luzifer :: LUZIFER-PC [Administrator] 09.06.2013 22:35:55 mbam-log-2013-06-09 (22-35-55).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 461719 Laufzeit: 1 Stunde(n), 43 Minute(n), 12 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) hi, habe gerade den Rechner hochgefahren und wieder kam die meldung der Benutzerkontensteuerung, diesmal mit namen wssA015.tmp, habe dieses nicht bestätigt. Die firewall meldete wieder ein ausgeschaltetes avast, welches sich aber problemlos anschalten ließ. Muss jetzt los zur Spätschicht und komme frühestens heute abend gegen 23.30uhr wieder an den Rechner, nur damit du bescheid weißt LG Sweeby |
|
10.06.2013, 15:34
| #14 |
| /// Malware-holic | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? Hi, lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
10.06.2013, 23:59
| #15 |
| | Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? Guten Abend geschafft......leider habe ich da sehr viele programme, die schon ab Werk installiert wurden. Bei sehr vielen bin ich mir gar nicht sicher, ob ich die irgendwie brauche. Ich schreibe bei diesen dann "ab Werk" und hoffe das du für mich die wirklich brauchbaren Sachen filtern kannst. Code:
ATTFilter Adobe Acrobat 9 Standard - English, Français, Deutsch Adobe Systems 03.12.2012 756MB 9.0.0 Notwendig Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 16.05.2013 11.7.700.202 Notwendig Adobe Flash Player 11 Plugin Adobe Systems Incorporated 16.05.2013 11.7.700.202 Notwendig Adobe Photoshop Elements 6.0 Adobe Systems, Inc. 05.08.2012 372MB 6.0 ab Werk Adobe Premiere Elements 4.0 Ihr Firmenname 05.08.2012 1,71GB 4.0 ab Werk Adobe Premiere Elements 4.0 Templates Ihr Firmenname 05.08.2012 1,71GB 4.0.0 ab Werk Adobe Reader X (10.1.7) - Deutsch Adobe Systems Incorporated 14.05.2013 120MB 10.1.7 Notwendig Alps Pointing-device for VAIO 24.11.2008 2,81MB Notwendig ArcSoft Magic-i Visual Effects 2 ArcSoft 05.08.2012 34,2MB 2.0.1.39 Notwendig ArcSoft WebCam Companion 2 ArcSoft 05.08.2012 24,2MB Notwendig ATI Catalyst Install Manager ATI Technologies, Inc. 05.08.2012 13,6MB 3.0.682.0 Notwendig avast! Free Antivirus AVAST Software 08.06.2013 346MB 8.0.1489.0 Notwendig Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter Sony Corporation 05.08.2012 56,4MB 2.5 ab Werk Bundled software uninstaller 09.06.2013 218KB Unbekannt CCleaner Piriform 24.05.2013 5,60MB 4.02 Notwendig Click to Disc Sony Corporation 05.08.2012 70,4MB 1.2.52.09250 ab Werk Click to Disc Editor Sony Corporation 05.08.2012 185MB 1.2.51 ab Werk Compatibility Pack für 2007 Office System Microsoft Corporation 09.01.2013 5,84MB 12.0.6612.1000 ab Werk Converter version 0.1 25.01.2013 0.1 Unbekannt DivX Codec DivX, Inc. 05.08.2012 1,40MB 6.8.4 ab Werk DivX Converter DivX, Inc. 05.08.2012 30,3MB 6.6.1 ab Werk DivX Player 05.08.2012 15,3MB 6.8.2 ab Werk DivX Web Player DivX,Inc. 05.08.2012 2,91MB 1.4.0 ab Werk Dolby Control Center Dolby 24.11.2008 46,9MB 1.2.0702 ab Werk DVDVideoSoftTB DE Toolbar DVDVideoSoftTB DE 30.11.2012 4,85MB 6.9.0.16 Unnötig eMule 19.08.2012 10,6MB Unnötig Free PDF to Word Doc Converter v1.1 Free PDF to Word Doc Converter - easy and powerful pdf converter software. 10.10.2012 2,73MB 1.1 Unnötig Free YouTube Download version 3.1.42.1212 DVDVideoSoft Ltd. 11.01.2013 5,82MB 3.1.42.1212 Unnötig Free YouTube to MP3 Converter version 3.11.36.1201 DVDVideoSoft Ltd. 11.12.2012 15,1MB 3.11.36.1201 Unnötig HDAUDIO SoftV92 Data Fax Modem with SmartCP 24.11.2008 1,01MB ab Werk IB Updater Service 08.06.2013 3.0.5.4 Unbekannt Intel(R) PROSet/Wireless WiFi-Software Intel(R) Corporation 05.08.2012 78,1MB 12.01.1000 ab Werk Java 7 Update 21 Oracle 01.05.2013 129MB 7.0.210 Notwendig Java(TM) 6 Update 7 Sun Microsystems, Inc. 24.11.2008 171MB 1.6.0.70 Notwendig K-Lite Codec Pack 9.5.0 (Full) 03.12.2012 86,8MB 9.5.0 Notwendig Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 26.04.2013 11,8MB 1.75.0.1300 Notwendig Me&My VAIO Sony Corporation 05.08.2012 69,8MB 1.0.0.11140 ab Werk Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 08.08.2012 36,7MB ab Werk Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 05.08.2012 27,6MB ab Werk Microsoft .NET Framework 4 Client Profile Microsoft Corporation 05.08.2012 120MB 4.0.30319 ab Werk Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 05.08.2012 24,4MB 4.0.30319 ab Werk Microsoft Office Enterprise 2007 Microsoft Corporation 08.09.2012 638MB 12.0.6612.1000 ab Werk Microsoft Office File Validation Add-In Microsoft Corporation 13.09.2012 7,95MB 14.0.5130.5003 ab Werk Microsoft Office Home and Student 2007 Microsoft Corporation 08.09.2012 295MB 12.0.6612.1000 ab Werk Microsoft Office Live Add-in 1.5 Microsoft Corporation 11.09.2012 504KB 2.0.4024.1 ab Werk Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 09.01.2013 3,39MB 12.0.6612.1000 ab Werk Microsoft Office Suite Activation Assistant Microsoft Corporation 05.08.2012 7,96MB 2.9 ab Werk Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 08.09.2012 294KB 8.0.61001 ab Werk Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 02.06.2013 234KB 9.0.30729 ab Werk Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 11.08.2012 592KB 9.0.30729.4148 ab Werk Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 08.09.2012 598KB 9.0.30729.6161 ab Werk Microsoft Works Microsoft Corporation 10.10.2012 376MB 9.7.0621 ab Werk Mozilla Firefox 21.0 (x86 de) Mozilla 25.05.2013 44,6MB 21.0 Notwendig Mozilla Maintenance Service Mozilla 25.05.2013 202KB 21.0 Unbekannt MSXML 4.0 SP2 (KB954430) Microsoft Corporation 05.08.2012 35,0KB 4.20.9870.0 Unbekannt MSXML 4.0 SP2 (KB973688) Microsoft Corporation 05.08.2012 1,33MB 4.20.9876.0 Unbekannt Music Transfer Sony Corporation 05.08.2012 40,6MB 1.2.00.17290 ab Werk OpenMG Secure Module 5.1.00 Sony Corporation 05.08.2012 5.1.00.05200 Unbekannt Picasa 2 Google, Inc. 05.08.2012 34,9MB 2.0 Unnötig Realtek High Definition Audio Driver Realtek Semiconductor Corp. 24.11.2008 26,4MB 6.0.1.5653 ab Werk Roxio Easy Media Creator 10 LJ Roxio 05.08.2012 5,22MB 10.1 ab Werk RYL2NORTHPOLE 21.02.2013 2,72GB Unnötig RYL2NORTHPOLE v2025 21.02.2013 2,73GB Unnötig Setting Utility Series Sony Corporation 05.08.2012 11,3MB 4.2.0.10150 ab Werk Skype™ 5.10 Skype Technologies S.A. 12.09.2012 19,3MB 5.10.116 Notwendig Software Info for Me&My VAIO Sony Corporation 05.08.2012 264KB 1.0.0.09110 ab Werk SonicStage Mastering Studio Sony Corporation 05.08.2012 56,4MB 2.6 ab Werk SonicStage Mastering Studio Audio Filter Sony Corporation 05.08.2012 12,6MB 2.5 ab Werk SonicStage Mastering Studio Plugins Sony Corporation 05.08.2012 30,0MB 2.5 ab Werk Sony Picture Utility Sony Corporation 05.08.2012 387MB 3.3.01.09300 ab Werk Sony Video Shared Library Sony Corporation 05.08.2012 5,26MB 3.5.00 ab Werk TeamSpeak 3 Client TeamSpeak Systems GmbH 02.06.2013 60,2MB 3.0.10 Unnötig Unterstützung für VAIO-Präsentation Sony Corporation 05.08.2012 3,52MB 1.1.0.08250 ab Werk Update Manager for SweetPacks 1.1 SweetIM Technologies Ltd. 25.01.2013 2,75MB 1.1.0008 Unbekannt VAIO Content Folder Setting Sony Corporation 05.08.2012 7,59MB 2.1.0.08260 ab Werk VAIO Content Folder Watcher Sony Corporation 05.08.2012 16,0MB 1.0.01.09030 ab Werk VAIO Content Metadata Intelligent Analyzing Manager Sony Corporation 05.08.2012 21,8MB 3.3.0.10012 ab Werk VAIO Content Metadata Manager Setting Sony Corporation 05.08.2012 3,17MB 3.3.0.09300 ab Werk VAIO Content Metadata XML Interface Library Sony Corporation 05.08.2012 2,55MB 3.3.0.09182 ab Werk VAIO Control Center Sony Corporation 05.08.2012 4,66MB 3.2.0.09120 ab Werk VAIO Data Restore Tool Sony Corporation 05.08.2012 6,49MB 1.0.04.01170 ab Werk VAIO DVD Menu Data Basic Sony Corporation 05.08.2012 541MB 1.0.00.08130 ab Werk VAIO Edit Components 6.5 Sony Corporation 05.08.2012 35,6MB 6.5 ab Werk VAIO Energie Verwaltung Sony Corporation 24.11.2008 6,39MB 3.2.0.10310 ab Werk VAIO Entertainment Platform Sony Corporation 05.08.2012 4,73MB 3.2.3.10070 ab Werk VAIO Event Service Sony Corporation 05.08.2012 7,27MB 4.2.0.11060 ab Werk VAIO Launcher Sony Corporation 05.08.2012 7,44MB 2.2.0.09090 ab Werk VAIO Marketing Tools Sony Corporation 05.08.2012 586KB ab Werk VAIO Media plus Sony Corporation 05.08.2012 54,8MB 1.2.0.10230 ab Werk VAIO Media plus Opening Movie Sony Corporation 05.08.2012 21,0MB 1.2.0.09100 ab Werk VAIO Movie Story Sony Corporation 05.08.2012 57,2MB 1.3.01.08060 ab Werk VAIO Movie Story Template Data Sony Corporation 05.08.2012 398MB 1.3.00.06120 ab Werk VAIO MusicBox Sony Corporation 05.08.2012 64,4MB 2.1.1.09160 ab Werk VAIO MusicBox Sample Music Sony Corporation 05.08.2012 90,2MB 1.1.00.14140 ab Werk VAIO Original Function Setting Sony Corporation 05.08.2012 7,16MB 1.5.00.08150 ab Werk VAIO Smart Network Sony Corporation 05.08.2012 24,4MB 2.2.0.11210 ab Werk VAIO Update 4 Sony Corporation 05.08.2012 2,44MB 4.0.0.08280 ab Werk VAIO Wallpaper Contents Sony Corporation 05.08.2012 133MB 1.3.0.10310 ab Werk VLC media player 2.0.5 VideoLAN 23.03.2013 94,7MB 2.0.5 Notwendig WIDCOMM Bluetooth Software 6.2.0.5800 Broadcom Corporation 24.11.2008 70,7MB 6.2.0.5800 Notwendig WinDVD BD for VAIO InterVideo Inc. 05.08.2012 110MB 8.0-B9.617 ab Werk |
|
| Themen zu Nach neustart wssBC9C.tmp Meldung versehentlich bestätigt, was soll ich tun? |
| avast, meldung, neustart, perion network, windows-firewall, wssbc9c |
WARNUNG an die MITLESER: 
Linear-Darstellung
