Windows 8: Trojaner (Backdoor.Win32.Androm.gjvy) auf Computer nach öffnen einer Email für pay pal Rechnung

aubergine13 · 16.03.2015, 14:49

Hallo Liebes Trojaner Board,

ich bekomme seit einiger Zeit Emails von einem pay pal Inkasso Unternehmen auf meiner Uni-Mail Adresse die an eine falsche Person gerichtet waren. Ich hatte dem Inkasso-Unternehmen zurückgeschrieben, dass ich nicht dieser Alexander Müller bin, an denen die Emails gerichtet waren. Habe dann irgenwann die Email geöffnet und die darin enthaltene zip Datei geöffnet, weil ich wissen wollte, worum es genau geht und schwupps hat mein Antiviren-programm (Kaspersky) einen Trojaner gemeldet (Objekt: c:\Users\Sony\Documents\Rechnung stornierten Lastschrift Ihrer Bestellung Bank-Pay GmbH vom 02.03.2015\Alexander Dr. M3ller Forderung 02.03.2015-Rechtsanwalt Bank-Pay GmbH.com) namens Backdoor.Win32.Androm.gjvy. Vielleicht könnt ihr mir hier weiterhelfen.

FSR file

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sony (administrator) on VAIO on 16-03-2015 13:17:37
Running from C:\Users\Sony\Downloads
Loaded Profiles: Sony (Available profiles: Sony & Gast)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
() C:\Program Files\Sony\VAIO Care\listener.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2013-05-04] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-06-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-12-02] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [960688 2015-02-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\MountPoints2: {3a0d5222-d80e-11e3-bf34-84a6c876074f} - "E:\OpenFiles.exe" 
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\MountPoints2: {7493dba2-b57b-11e2-beda-84a6c876074f} - "F:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume14autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=AT&userid=2992410f-63c4-43a7-81b8-b455226ebeb6&searchtype=ds&q={searchTerms}&installDate=14/08/2013
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=AT&userid=2992410f-63c4-43a7-81b8-b455226ebeb6&searchtype=ds&q={searchTerms}&installDate=14/08/2013
SearchScopes: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-29] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-29] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-23] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-23] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-10] (Kaspersky Lab ZAO)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\fv3iurqu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-09-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-23] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-05-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4200808153-2432618595-1589944039-1001: @hola.org/vlc,version=1.7.5 -> C:\Users\Sony\AppData\Local\Hola\firefox\app\vlc [2015-03-16] ()
FF Extension: Hola Better Internet - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\fv3iurqu.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-02-27]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Kaspersky виртуелна тастатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Profile: C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30]
CHR Extension: (Google Docs) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30]
CHR Extension: (Google Drive) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-30]
CHR Extension: (YouTube) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30]
CHR Extension: (Google Search) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-01-30]
CHR Extension: (Google Sheets) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30]
CHR Extension: (Kaspersky Protection) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Gmail) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]
CHR Extension: (Anti-Banner) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-01-30]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Sony\AppData\Roaming\BabSolution\CR\delta2.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lbbbdmbjkgojacipgefbifkiebpcdjhn] - C:\Program Files (x86)\Movie2KDownloader.com\m2kDownloader10.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-13] (Kaspersky Lab ZAO)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-25] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-06-22] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-06-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1642544 2014-02-28] (Sony Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [129536 2009-11-13] (WDC) [File not signed]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
S2 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-08-22] (Advanced Micro Devices, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132480 2012-10-01] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1337216 2012-10-01] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-10] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-05-23] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [627296 2014-05-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-12-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-10-13] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-13] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-04] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [177864 2015-02-17] (Kaspersky Lab ZAO)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-10-10] (Intel Corporation)
R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-23] (REDC)
R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-23] (REDC)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-25] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-06-19] (Cisco Systems, Inc.)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-16 13:15 - 2015-03-16 13:15 - 00000000 ____D () C:\Users\Sony\Downloads\FRST-OlderVersion
2015-03-16 13:09 - 2015-03-16 13:11 - 00000470 _____ () C:\Users\Sony\Downloads\defogger_disable.log
2015-03-16 13:09 - 2015-03-16 13:09 - 00000000 _____ () C:\Users\Sony\defogger_reenable
2015-03-16 12:09 - 2015-03-16 12:09 - 00050477 _____ () C:\Users\Sony\Downloads\Defogger.exe
2015-03-04 22:12 - 2015-03-16 13:17 - 00043681 _____ () C:\Users\Sony\Desktop\FRST textfile.txt
2015-03-04 22:11 - 2015-03-04 22:11 - 00044295 _____ () C:\Users\Sony\Desktop\Addition textfile.txt
2015-03-04 22:03 - 2015-03-04 22:15 - 00044295 _____ () C:\Users\Sony\Downloads\Addition.txt
2015-03-04 21:58 - 2015-03-16 13:18 - 00028417 _____ () C:\Users\Sony\Downloads\FRST.txt
2015-03-04 21:57 - 2015-03-16 13:17 - 00000000 ____D () C:\FRST
2015-03-04 21:57 - 2015-03-16 13:15 - 02095616 _____ (Farbar) C:\Users\Sony\Downloads\FRST64.exe
2015-03-04 21:44 - 2015-03-04 21:44 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Sony\Downloads\SpyHunter-Installer.exe
2015-03-04 20:56 - 2015-03-04 20:57 - 00013097 _____ () C:\Users\Sony\Downloads\webscr.htm
2015-03-02 18:25 - 2015-03-02 19:58 - 06287616 _____ () C:\Users\Sony\Desktop\20150303 PhD outline2.pptx
2015-02-28 00:01 - 2015-03-03 22:22 - 00000000 ____D () C:\ProgramData\Sony
2015-02-27 21:19 - 2015-02-27 21:19 - 00000000 ____D () C:\Users\Sony\AppData\Local\Hola
2015-02-27 21:16 - 2015-02-27 21:16 - 00000000 ____D () C:\Users\Sony\Downloads\hola_firefox_ext_1.6.785_www
2015-02-27 21:15 - 2015-02-27 21:15 - 00986085 _____ () C:\Users\Sony\Downloads\hola_firefox_ext_1.6.785_www.zip
2015-02-27 21:14 - 2015-02-27 21:14 - 00000000 ____D () C:\Users\Sony\AppData\Local\Macromedia
2015-02-27 21:12 - 2015-03-03 22:22 - 00000000 ____D () C:\Users\Sony\AppData\Local\Mozilla
2015-02-27 21:12 - 2015-02-27 21:12 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-27 21:12 - 2015-02-27 21:12 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-27 21:12 - 2015-02-27 21:12 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-27 21:12 - 2015-02-27 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-27 21:12 - 2015-02-27 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-27 21:11 - 2015-02-27 21:11 - 00243576 _____ () C:\Users\Sony\Downloads\Firefox Setup Stub 36.0.exe
2015-02-26 08:19 - 2015-01-09 07:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-26 08:19 - 2015-01-09 06:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-26 08:19 - 2015-01-09 00:52 - 00478296 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 08:19 - 2015-01-09 00:52 - 00478296 _____ () C:\Windows\system32\locale.nls
2015-02-25 21:50 - 2015-03-02 22:10 - 00002848 _____ () C:\Windows\DtcInstall.log
2015-02-25 21:44 - 2015-03-02 22:05 - 00006281 _____ () C:\Windows\comsetup.log
2015-02-21 18:15 - 2015-02-21 18:15 - 00000000 ____D () C:\Users\Sony\AppData\Local\Steam
2015-02-21 17:35 - 2015-03-02 22:11 - 02082155 _____ () C:\Windows\setupact.log
2015-02-21 17:35 - 2015-02-21 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-18 07:16 - 2015-02-18 07:17 - 00295296 _____ () C:\Windows\Minidump\021815-83343-01.dmp
2015-02-18 07:16 - 2015-02-18 07:16 - 515714717 _____ () C:\Windows\MEMORY.DMP

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-16 13:17 - 2013-05-05 10:09 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-16 13:15 - 2012-09-29 02:24 - 01997684 _____ () C:\Windows\WindowsUpdate.log
2015-03-16 13:09 - 2013-01-04 13:35 - 00000000 ____D () C:\Users\Sony
2015-03-16 13:09 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-16 12:06 - 2013-05-04 16:08 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-16 11:40 - 2013-05-05 10:09 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-16 11:40 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-16 11:36 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-16 10:40 - 2014-11-07 22:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-16 10:08 - 2012-09-29 02:53 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2015-03-16 10:08 - 2012-09-29 02:53 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2015-03-16 10:08 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-16 10:03 - 2015-01-21 08:14 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-03-04 21:34 - 2014-10-20 10:40 - 00000000 ____D () C:\Users\Sony\Documents\HUK24
2015-03-04 21:23 - 2014-11-21 22:57 - 00000000 ___HD () C:\$Windows.~BT
2015-03-03 22:34 - 2014-12-11 22:59 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-03 22:34 - 2014-10-31 13:12 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2015-03-03 22:34 - 2014-08-26 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-03 22:34 - 2014-07-17 19:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-03 22:34 - 2013-05-22 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-03-03 22:34 - 2013-05-22 21:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-03-03 22:34 - 2013-05-22 21:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2015-03-03 22:34 - 2013-05-10 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-03-03 22:34 - 2013-01-04 13:42 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-03 22:34 - 2013-01-04 13:42 - 00000000 ____D () C:\Users\Gast
2015-03-03 22:34 - 2013-01-04 13:36 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool
2015-03-03 22:34 - 2013-01-04 13:35 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-03 22:34 - 2012-09-29 03:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-03 22:34 - 2012-09-29 03:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2015-03-03 22:34 - 2012-09-29 02:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2015-03-03 22:34 - 2012-09-29 02:17 - 00000000 ____D () C:\Windows\SysWOW64\SDA
2015-03-03 22:34 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-03-03 22:34 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\en-GB
2015-03-03 22:34 - 2012-07-26 08:52 - 00000000 ____D () C:\Windows\ShellNew
2015-03-03 22:34 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-03-03 22:31 - 2015-01-25 19:40 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2015-03-03 22:31 - 2015-01-21 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2015-03-03 22:31 - 2015-01-01 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-03 22:31 - 2015-01-01 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-03 22:31 - 2015-01-01 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-03-03 22:31 - 2015-01-01 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-03-03 22:31 - 2014-10-31 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-03-03 22:31 - 2014-10-10 08:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-03 22:31 - 2014-05-12 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeLano Scientific
2015-03-03 22:31 - 2014-01-04 12:56 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-03 22:31 - 2014-01-02 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-03 22:31 - 2013-12-10 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-03-03 22:31 - 2013-09-29 09:27 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-03 22:31 - 2013-08-14 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-03 22:31 - 2013-06-09 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-03 22:31 - 2013-05-12 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-03-03 22:31 - 2013-05-12 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
2015-03-03 22:31 - 2013-05-10 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2015-03-03 22:31 - 2013-05-05 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChemOffice 2002
2015-03-03 22:31 - 2013-05-05 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-03 22:31 - 2012-09-29 02:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2015-03-03 22:30 - 2012-08-22 02:30 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-03 22:26 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2015-03-03 22:25 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\spool
2015-03-03 22:25 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Resources
2015-03-03 22:23 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Help
2015-03-03 22:22 - 2013-05-09 16:07 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Mozilla
2015-03-03 22:22 - 2013-05-05 10:09 - 00000000 ____D () C:\Users\Sony\AppData\Local\Google
2015-03-03 22:22 - 2013-05-04 16:08 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-03-03 22:22 - 2013-01-04 13:35 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Intel
2015-03-03 22:22 - 2012-09-29 02:49 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-03 22:22 - 2012-09-29 02:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-03-03 22:22 - 2012-09-29 02:16 - 00000000 ____D () C:\ProgramData\Intel
2015-03-03 22:22 - 2012-09-29 02:00 - 00000000 ____D () C:\ProgramData\Sony Corporation
2015-03-03 22:22 - 2012-07-26 09:12 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-03-03 22:22 - 2012-07-26 09:12 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-03-03 22:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AppCompat
2015-03-03 22:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-03 22:11 - 2012-09-29 04:02 - 00000000 ____D () C:\Windows\system32\%AppData%
2015-03-03 22:11 - 2012-09-29 02:52 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-03-03 22:11 - 2012-09-29 02:52 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-03-03 22:11 - 2012-09-29 02:52 - 00000000 ____D () C:\Windows\system32\WCN
2015-03-03 22:11 - 2012-08-03 03:25 - 00000000 ____D () C:\ProgramData\PRICache
2015-03-03 22:11 - 2012-07-26 09:18 - 00000000 ____D () C:\Windows\DigitalLocker
2015-03-03 22:11 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\SysWOW64\SMI
2015-03-03 21:36 - 2014-09-15 18:11 - 00000000 __SHD () C:\Recovery
2015-03-02 18:10 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-02-28 00:02 - 2012-09-29 02:54 - 00000000 ____D () C:\Program Files\Sony
2015-02-28 00:02 - 2012-09-29 02:31 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-02-27 08:24 - 2014-09-14 16:23 - 00129543 _____ () C:\Windows\diagwrn.xml
2015-02-27 08:24 - 2014-09-14 16:23 - 00129543 _____ () C:\Windows\diagerr.xml
2015-02-26 08:20 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-25 21:52 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-23 08:41 - 2014-11-10 18:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-23 08:41 - 2014-11-10 18:40 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-23 08:41 - 2014-01-02 19:00 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-22 21:10 - 2013-01-11 09:38 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4200808153-2432618595-1589944039-1001
2015-02-21 17:35 - 2012-09-29 02:07 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-02-20 11:14 - 2013-08-09 16:24 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Skype
2015-02-20 09:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2015-02-19 21:07 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-18 07:16 - 2013-04-20 16:23 - 00000000 ____D () C:\Windows\Minidump
2015-02-17 20:06 - 2012-08-13 15:49 - 00177864 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys

==================== Files in the root of some directories =======

2012-09-29 02:08 - 2012-09-29 02:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Sony\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.812.exe
C:\Users\Sony\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.7.5.exe
C:\Users\Sony\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Sony\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-16 12:00

==================== End Of Log ============================

addition textfile

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Sony at 2015-03-16 13:18:22
Running from C:\Users\Sony\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{ECCD7F0B-2256-9B71-5B9D-3E78A4E6DF00}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
calibre (HKLM-x32\...\{C727544A-23E0-41A8-9901-2353CE3FE62A}) (Version: 2.14.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
ChemDraw Ultra 7.0 (HKLM-x32\...\{B1C145A4-E36E-4ABB-A8FA-EBD5168AFB45}) (Version: 7.0 - CambridgeSoft Corporation)
Chronicles of Albian (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04059 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04059 - Cisco Systems, Inc.) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cubic Castles (HKLM-x32\...\Steam App 317470) (Version:  - Cosmic Cow LLC)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5601.52 - CyberLink Corp.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Echoes+ (HKLM-x32\...\Steam App 338000) (Version:  - Binary Zoo)
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110 - WildTangent) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}) (Version: 2.6.1210.0278 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.3.1004 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PyMOL (HKLM-x32\...\PyMOL) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6748 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
The Way of Life (HKLM-x32\...\Steam App 310370) (Version:  - Fabio Ferrara)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.1.10180 - Sony Corporation)
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.0.08240 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WD Quick View (HKLM-x32\...\{C58994CF-D15D-41E3-A03B-587B39EAA903}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{142D42E3-07A9-4AAC-BD3B-636392891706}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital)
WD SmartWare Installer (HKLM-x32\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WildTangent Games App (x32 Version: 4.0.10.16 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent sony Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

28-02-2015 19:06:03 Windows Update
04-03-2015 06:52:00 Windows Update
16-03-2015 11:55:54 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02A7D228-9ED6-4583-BACD-690FB8DE7832} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {033926BC-D1DC-450E-A67E-CAEB44D68CBF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {08C928A8-465F-43ED-BF66-6CB787577FFD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {1267E501-A2CB-4DFB-9AE0-841423A1AD96} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-11] (Microsoft Corporation)
Task: {1821ED72-9CFE-40D5-822A-216F500107A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {209791FE-08F2-4E7B-9639-FC2E412BA8B5} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {2C5C339F-B005-4311-BC8A-B842A9F6D1A8} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3E37D3B8-949E-4204-B537-57641289C7D9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3FC01EDE-9ECC-4821-A8A4-5762C008AC35} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - \Microsoft\Windows\Live\Roaming\SynchronizeWithStorage No Task File <==== ATTENTION
Task: {502975AC-39CF-4CD2-907E-2DD781A8BB61} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {509970C4-405E-4741-99B1-30C1C19A0DB6} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {50A86B07-41BA-4A7B-BE7B-11FA3654757F} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {53535DE2-A241-4B52-9039-B586210716A9} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {598F7663-FBE5-4E62-A5FD-AE83F493E8B0} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {6348E911-629D-435B-83D2-4CE024AA9BDA} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {6F06C696-C240-4060-8BE3-33E014FE735B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {77558AC1-3E5A-4468-80C6-058C7F41C289} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {7DFE9077-11E8-4A18-8057-B0376141BDFB} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {97849117-CB78-414A-B6F3-1C0BFD082478} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - \Microsoft\Windows\Live\Roaming\MaintenanceTask No Task File <==== ATTENTION
Task: {A8411474-9BBA-4D22-9D69-AC03C0DE5BB7} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {AC7EECA3-B343-4825-8F9A-DBA52BD60DD0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {AE72F5AF-4A7E-4415-9CD2-9EE89B8D21D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {AE900FF6-533D-4B5C-B58D-72A4245C7C46} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {AEFABA6E-F5F4-4361-81C3-E5CCE28679D6} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-19] (Sony Corporation)
Task: {BE932753-C6C2-4945-90E3-6EEC8319154E} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {BEC773D4-8A54-4381-AE9E-9D6C040C6D39} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C933BDDD-5D2F-4EDC-97F5-DA56432C4456} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {CBD6F0A6-A41A-4AF6-90D2-F6163BC30FD2} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {D6898C93-2CAA-4AF4-BA4E-D3ED77D839CB} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E49BB4E5-806F-4520-8D96-1464C47E1E2C} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {ED1CAC50-0B05-4B61-9A86-FE29150BE27D} - System32\Tasks\EPUpdater => C:\Users\Sony\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-04-07] () <==== ATTENTION
Task: {F224C9DF-3FE4-4822-A3B4-D77EDB241825} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {F47A67B8-AFBB-49D3-954F-B59ED9472E54} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F56253D4-6E87-4DD2-B227-612E6F364047} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {FC4F7893-A09A-413C-B16F-2CC592151936} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {FE0FF93E-8860-413E-9242-8C2ECF459C11} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-08-23 17:25 - 2012-08-22 14:05 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 10:54 - 2012-08-06 10:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-11-19 10:21 - 2013-11-19 10:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-06-19 16:00 - 2013-06-19 16:00 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-17 20:39 - 2013-05-04 16:19 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00015872 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00443904 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00060928 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2012-09-29 03:03 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-29 02:16 - 2012-07-25 03:52 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-03-16 13:18 - 2015-03-10 19:09 - 10033232 _____ () C:\Program Files (x86)\Google\Update\Install\{3D8D85B5-04B4-4CDD-ACCF-4454D0904DF0}\41.0.2272.89_40.0.2214.115_chrome_updater.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sony\Pictures\Urlaub Malaga\Felix\CIMG9423.JPG
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WDSmartWare.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\StartupApproved\Run: => "Skype"

==================== Accounts: =============================

Administrator (S-1-5-21-4200808153-2432618595-1589944039-500 - Administrator - Disabled)
Gast (S-1-5-21-4200808153-2432618595-1589944039-501 - Limited - Disabled) => C:\Users\Gast
Sony (S-1-5-21-4200808153-2432618595-1589944039-1001 - Administrator - Enabled) => C:\Users\Sony

==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2015 11:40:54 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (03/16/2015 11:40:45 AM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)

Error: (03/16/2015 11:36:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007f84640b5b1
ID des fehlerhaften Prozesses: 0x874
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Vollständiger Name des fehlerhaften Pakets: VCAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VCAgent.exe5

Error: (03/16/2015 11:36:01 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (03/16/2015 10:03:18 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (03/16/2015 10:03:03 AM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)

Error: (03/04/2015 10:46:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fe3e9ab5b1
ID des fehlerhaften Prozesses: 0xe24
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Vollständiger Name des fehlerhaften Pakets: VCAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VCAgent.exe5

Error: (03/04/2015 10:46:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (03/04/2015 09:03:11 PM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)

Error: (03/04/2015 09:01:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fae0dab5b1
ID des fehlerhaften Prozesses: 0x95c
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Vollständiger Name des fehlerhaften Pakets: VCAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VCAgent.exe5


System errors:
=============
Error: (03/16/2015 11:40:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Content Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/16/2015 11:36:35 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

Error: (03/16/2015 11:36:35 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

Error: (03/16/2015 10:21:29 AM) (Source: DCOM) (EventID: 10010) (User: VAIO)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (03/16/2015 10:05:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: 
%%268439612

Error: (03/16/2015 10:03:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Content Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/04/2015 10:47:00 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

Error: (03/04/2015 10:47:00 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

Error: (03/04/2015 09:23:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070001 fehlgeschlagen: German ESD Bundle Parent

Error: (03/04/2015 09:17:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070001 fehlgeschlagen: German ESD Bundle Parent


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 3968.39 MB
Available physical RAM: 1975.68 MB
Total Pagefile: 8064.39 MB
Available Pagefile: 5533.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:434.36 GB) (Free:346.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4CC9783F)

Partition: GPT Partition Type.

==================== End Of Log ============================

Gmer file

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-03-16 13:38:31
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000033 Hitachi_HTS547550A9E384 rev.JE3OA50B 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Sony\AppData\Local\Temp\pxloypog.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\Windows\System32\win32k.sys!W32pServiceTable                                                                fffff960000b5f00 7 bytes [00, 38, 7F, 01, 00, FD, F1]
.text   C:\Windows\System32\win32k.sys!W32pServiceTable + 8                                                            fffff960000b5f08 7 bytes [01, 0C, C0, FF, 00, D2, DA]

---- User code sections - GMER 2.1 ----

.text   C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2256] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306  000007fdec37177a 4 bytes [37, EC, FD, 07]
.text   C:\Program Files\Intel\WiFi\bin\EvtEng.exe[2256] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314  000007fdec371782 4 bytes [37, EC, FD, 07]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [900:924]                                                                        fffff960009985e8

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                          unknown MBR code

---- EOF - GMER 2.1 ----

Dankeschön!

schrauber · 16.03.2015, 14:58

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

aubergine13 · 16.03.2015, 18:38

Hallo liebes Trojaner-Board-Team,

also ich habe beide Anweisungen durchgeführt und es wurde weder ein clean-up nach dem scan mit mbar benötigt noch wurde ein threat nach dem scan mit TDSSKiller angezeigt.

Hier die logfiles:
mbar

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.03.16.02
  rootkit: v2015.02.25.01

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.17228
Sony :: VAIO [administrator]

16.03.2015 15:25:11
mbar-log-2015-03-16 (15-25-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 426394
Time elapsed: 34 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

TDSSKiller

Code:

ATTFilter

18:21:36.0195 0x0044  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:21:36.0195 0x0044  UEFI system
18:21:39.0805 0x0044  ============================================================
18:21:39.0805 0x0044  Current date / time: 2015/03/16 18:21:39.0805
18:21:39.0805 0x0044  SystemInfo:
18:21:39.0805 0x0044  
18:21:39.0805 0x0044  OS Version: 6.2.9200 ServicePack: 0.0
18:21:39.0805 0x0044  Product type: Workstation
18:21:39.0805 0x0044  ComputerName: VAIO
18:21:39.0805 0x0044  UserName: Sony
18:21:39.0805 0x0044  Windows directory: C:\Windows
18:21:39.0805 0x0044  System windows directory: C:\Windows
18:21:39.0805 0x0044  Running under WOW64
18:21:39.0805 0x0044  Processor architecture: Intel x64
18:21:39.0805 0x0044  Number of processors: 4
18:21:39.0805 0x0044  Page size: 0x1000
18:21:39.0805 0x0044  Boot type: Normal boot
18:21:39.0805 0x0044  ============================================================
18:21:41.0008 0x0044  KLMD registered as C:\Windows\system32\drivers\70836023.sys
18:21:41.0336 0x0044  System UUID: {F794DF2C-C92D-CE63-D6CD-5A3773697CBB}
18:21:41.0867 0x0044  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:21:41.0867 0x0044  ============================================================
18:21:41.0867 0x0044  \Device\Harddisk0\DR0:
18:21:41.0867 0x0044  GPT partitions:
18:21:41.0867 0x0044  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {C949730A-194E-4041-87E6-1C1AF101A2F8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
18:21:41.0867 0x0044  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5EFFA0CE-8E74-40D5-A924-6B825B448011}, Name: Basic data partition, StartLBA 0x82800, BlocksNum 0x2E1000
18:21:41.0867 0x0044  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {46823E82-54F3-4717-9D49-DE33C565EEC9}, Name: EFI system partition, StartLBA 0x363800, BlocksNum 0x82000
18:21:41.0867 0x0044  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {47EC520D-155A-4059-B1E1-C87FB3ECE55B}, Name: Microsoft reserved partition, StartLBA 0x3E5800, BlocksNum 0x40000
18:21:41.0867 0x0044  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5CBC929C-D40C-4C03-977B-E2F44F96E97A}, Name: Basic data partition, StartLBA 0x425800, BlocksNum 0x364B8800
18:21:41.0867 0x0044  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6B6B91B1-5F25-48C3-B5AE-0D50D38C14BB}, Name: , StartLBA 0x368DE000, BlocksNum 0xE1000
18:21:41.0867 0x0044  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F8AF51D2-E321-4534-A8D2-5B399A0EF8AD}, Name: Basic data partition, StartLBA 0x369BF000, BlocksNum 0x39C7000
18:21:41.0867 0x0044  MBR partitions:
18:21:41.0867 0x0044  ============================================================
18:21:41.0899 0x0044  C: <-> \Device\Harddisk0\DR0\Partition5
18:21:41.0899 0x0044  ============================================================
18:21:41.0899 0x0044  Initialize success
18:21:41.0899 0x0044  ============================================================
18:21:52.0449 0x0488  ============================================================
18:21:52.0449 0x0488  Scan started
18:21:52.0449 0x0488  Mode: Manual; 
18:21:52.0449 0x0488  ============================================================
18:21:52.0449 0x0488  KSN ping started
18:21:54.0839 0x0488  KSN ping finished: true
18:21:55.0777 0x0488  ================ Scan system memory ========================
18:21:55.0777 0x0488  System memory - ok
18:21:55.0777 0x0488  ================ Scan services =============================
18:21:55.0949 0x0488  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
18:21:55.0964 0x0488  1394ohci - ok
18:21:55.0980 0x0488  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\Windows\system32\drivers\3ware.sys
18:21:55.0980 0x0488  3ware - ok
18:21:56.0043 0x0488  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:21:56.0058 0x0488  ACPI - ok
18:21:56.0074 0x0488  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
18:21:56.0074 0x0488  acpiex - ok
18:21:56.0089 0x0488  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
18:21:56.0089 0x0488  acpipagr - ok
18:21:56.0089 0x0488  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
18:21:56.0089 0x0488  AcpiPmi - ok
18:21:56.0105 0x0488  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
18:21:56.0105 0x0488  acpitime - ok
18:21:56.0136 0x0488  [ 5AE65DCD983077278A6173C2872BCA99, 81C4DE30A3C20338761D04121773C7B4BB88F8A0AF82F55B8EBF3C84194AD9B6 ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
18:21:56.0152 0x0488  acsock - ok
18:21:56.0277 0x0488  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:21:56.0277 0x0488  AdobeARMservice - ok
18:21:56.0433 0x0488  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:21:56.0433 0x0488  AdobeFlashPlayerUpdateSvc - ok
18:21:56.0480 0x0488  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:21:56.0496 0x0488  adp94xx - ok
18:21:56.0496 0x0488  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:21:56.0511 0x0488  adpahci - ok
18:21:56.0511 0x0488  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:21:56.0527 0x0488  adpu320 - ok
18:21:56.0574 0x0488  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:21:56.0574 0x0488  AeLookupSvc - ok
18:21:56.0636 0x0488  [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD             C:\Windows\system32\drivers\afd.sys
18:21:56.0668 0x0488  AFD - ok
18:21:56.0683 0x0488  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:21:56.0683 0x0488  agp440 - ok
18:21:56.0714 0x0488  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\Windows\System32\alg.exe
18:21:56.0714 0x0488  ALG - ok
18:21:56.0730 0x0488  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
18:21:56.0746 0x0488  AllUserInstallAgent - ok
18:21:56.0777 0x0488  [ 1F500945F87AA517BD2F049256B304DD, AFAA5C58A516C63C5142798FAF5CA55AF14EF85BA6EF5E9657C8FF7B0F7311E7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:21:56.0777 0x0488  AMD External Events Utility - ok
18:21:56.0808 0x0488  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
18:21:56.0824 0x0488  AmdK8 - ok
18:21:57.0136 0x0488  [ 2A831A7F9031B5BBA6EF189381D65228, 797FBD32F7514235293E003F0AE9F570173E7738251070879500C4F21F105C96 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:21:57.0308 0x0488  amdkmdag - ok
18:21:57.0371 0x0488  [ B9ACB2AA40709E060CDC34F13F1C9C8F, D483FCFC5EC76998DA4D0655ADCC5A5844E74FD5FB4B5862761B9FEAEFCFC6DB ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:21:57.0371 0x0488  amdkmdap - ok
18:21:57.0402 0x0488  [ 02CF5AD93538CCE63EB09364EDD3DCF9, A50EBC874966DDA8D209F102148BBD3C6BD5E0CB0DB23D22A99AC3AD3AACE17A ] amdkmpfd        C:\Windows\system32\drivers\amdkmpfd.sys
18:21:57.0402 0x0488  amdkmpfd - ok
18:21:57.0449 0x0488  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
18:21:57.0449 0x0488  AmdPPM - ok
18:21:57.0480 0x0488  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:21:57.0480 0x0488  amdsata - ok
18:21:57.0496 0x0488  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:21:57.0511 0x0488  amdsbs - ok
18:21:57.0511 0x0488  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:21:57.0527 0x0488  amdxata - ok
18:21:57.0543 0x0488  [ 0C3D62CB6B8F2B3CC42369BAC0F58AD5, F0121EACB6060DF1F6C5F79C15D5B483F301EF85B3C79F67806520BE9CEE398E ] AMPPAL          C:\Windows\System32\drivers\AMPPAL.sys
18:21:57.0543 0x0488  AMPPAL - ok
18:21:57.0543 0x0488  [ 0C3D62CB6B8F2B3CC42369BAC0F58AD5, F0121EACB6060DF1F6C5F79C15D5B483F301EF85B3C79F67806520BE9CEE398E ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
18:21:57.0558 0x0488  AMPPALP - ok
18:21:57.0636 0x0488  [ 11DA9AEDEDE229C6BDF6889298E91FDD, BDA9EB3E92CC5D30ABF39DAFF7197C1179E6616A06025093ABD04D0DC3F36740 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
18:21:57.0652 0x0488  AMPPALR3 - ok
18:21:57.0683 0x0488  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\Windows\system32\drivers\appid.sys
18:21:57.0683 0x0488  AppID - ok
18:21:57.0699 0x0488  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:21:57.0699 0x0488  AppIDSvc - ok
18:21:57.0761 0x0488  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\Windows\System32\appinfo.dll
18:21:57.0761 0x0488  Appinfo - ok
18:21:57.0902 0x0488  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:21:57.0902 0x0488  Apple Mobile Device - ok
18:21:57.0918 0x0488  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\Windows\system32\drivers\arc.sys
18:21:57.0933 0x0488  arc - ok
18:21:57.0949 0x0488  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:21:57.0949 0x0488  arcsas - ok
18:21:57.0964 0x0488  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:21:57.0964 0x0488  AsyncMac - ok
18:21:57.0964 0x0488  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:21:57.0964 0x0488  atapi - ok
18:21:58.0074 0x0488  [ DECE3E2832F125A41A02FB59F4C54EEA, 2994024E5C295E9FDF4C6C0A8F2B17C07C158AD1567BEDA46A482C6C08F460BC ] athr            C:\Windows\system32\DRIVERS\athrx.sys
18:21:58.0121 0x0488  athr - ok
18:21:58.0168 0x0488  [ 8FB10919E1283FD108334FDBFB173574, EAD11C6FA884AAC9E8534C267E9B1D2EAB1F2A396EACC900525465A2AEAB84D3 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
18:21:58.0183 0x0488  AudioEndpointBuilder - ok
18:21:58.0261 0x0488  [ 463E7457227E970CB249031AEAE7902C, 2F627BC558E5764592B08269F3EE4C6ECD544904963312A60F5B0C0B9C8C5D32 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:21:58.0277 0x0488  Audiosrv - ok
18:21:58.0355 0x0488  [ 15D2DB9BFA8E833ED31FAB2BB088FDDA, 6198C0A5DA01DA146A9A054C3C882A1DBF9BA84466EBFDDA1C1062EF36F9B34B ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
18:21:58.0355 0x0488  AVP - ok
18:21:58.0386 0x0488  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:21:58.0386 0x0488  AxInstSV - ok
18:21:58.0449 0x0488  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:21:58.0465 0x0488  b06bdrv - ok
18:21:58.0480 0x0488  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
18:21:58.0480 0x0488  BasicDisplay - ok
18:21:58.0527 0x0488  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
18:21:58.0527 0x0488  BasicRender - ok
18:21:58.0590 0x0488  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\Windows\System32\bdesvc.dll
18:21:58.0590 0x0488  BDESVC - ok
18:21:58.0621 0x0488  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\Windows\system32\drivers\Beep.sys
18:21:58.0621 0x0488  Beep - ok
18:21:58.0683 0x0488  [ C72AB32F7EFCA677AF079F4336BC1609, 90FF653027709ADB674B2D4240E398E7A64D2079CBF56E3983008D92FA12EA0D ] BFE             C:\Windows\System32\bfe.dll
18:21:58.0699 0x0488  BFE - ok
18:21:58.0793 0x0488  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\Windows\System32\qmgr.dll
18:21:58.0824 0x0488  BITS - ok
18:21:58.0918 0x0488  [ BAE8683BE3463B25E51875B380AB695A, 3EDB44560F798BB05AB7F534CEC4688C35AD9092B7D1CC5F58B47E82BD8EA270 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
18:21:58.0933 0x0488  Bluetooth Device Monitor - ok
18:21:58.0996 0x0488  [ AF06006C7A8B6CE409ABD351867A9544, AB985CEB86E57AB99E8D273058533CD3D04FF3232C62688DFD8F9D6A5B6586CD ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
18:21:59.0011 0x0488  Bluetooth OBEX Service - ok
18:21:59.0027 0x0488  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:21:59.0043 0x0488  bowser - ok
18:21:59.0074 0x0488  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
18:21:59.0074 0x0488  BrokerInfrastructure - ok
18:21:59.0105 0x0488  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\Windows\System32\browser.dll
18:21:59.0121 0x0488  Browser - ok
18:21:59.0152 0x0488  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
18:21:59.0152 0x0488  BthAvrcpTg - ok
18:21:59.0215 0x0488  [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
18:21:59.0215 0x0488  BthEnum - ok
18:21:59.0230 0x0488  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
18:21:59.0230 0x0488  BthHFEnum - ok
18:21:59.0277 0x0488  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
18:21:59.0277 0x0488  bthhfhid - ok
18:21:59.0308 0x0488  [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
18:21:59.0324 0x0488  BthLEEnum - ok
18:21:59.0355 0x0488  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
18:21:59.0355 0x0488  BTHMODEM - ok
18:21:59.0386 0x0488  [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:21:59.0386 0x0488  BthPan - ok
18:21:59.0480 0x0488  [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
18:21:59.0511 0x0488  BTHPORT - ok
18:21:59.0527 0x0488  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\Windows\system32\bthserv.dll
18:21:59.0527 0x0488  bthserv - ok
18:21:59.0558 0x0488  [ 53ECA72327243009C4D49BF934134A1B, 910CE8EA6921304B0DF13227CA2DC0FE18A57E9633C885EE7AE7F71AD536EB6E ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
18:21:59.0574 0x0488  BTHSSecurityMgr - ok
18:21:59.0605 0x0488  [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:21:59.0605 0x0488  BTHUSB - ok
18:21:59.0636 0x0488  [ 8F5E4E166C19A1B60F508057CF2FF96E, 6924EC4B820BB9C1753C1153AF315717826C7393D42C3AFB097957885987B7A3 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
18:21:59.0652 0x0488  btmaux - ok
18:21:59.0715 0x0488  [ FD6DCB9E986D4B88655370C7F3976F78, F106BBC3147BF4FFEE3A56B477BA7F26A269CAE659570930860AF033F1171A70 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
18:21:59.0746 0x0488  btmhsf - ok
18:21:59.0761 0x0488  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:21:59.0761 0x0488  cdfs - ok
18:21:59.0808 0x0488  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
18:21:59.0824 0x0488  cdrom - ok
18:21:59.0855 0x0488  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:21:59.0855 0x0488  CertPropSvc - ok
18:21:59.0902 0x0488  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\Windows\System32\drivers\circlass.sys
18:21:59.0902 0x0488  circlass - ok
18:21:59.0949 0x0488  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\Windows\system32\drivers\CLFS.sys
18:21:59.0965 0x0488  CLFS - ok
18:22:00.0027 0x0488  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
18:22:00.0027 0x0488  CLVirtualDrive - ok
18:22:00.0074 0x0488  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
18:22:00.0074 0x0488  CmBatt - ok
18:22:00.0136 0x0488  [ 93E49DDA75C10C3AE084C32608C68666, 1F05F40B362AD8A9DA579D03E08C3E7DC0B8996DC7DBAF096B33F92C854EAA43 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:22:00.0168 0x0488  CNG - ok
18:22:00.0183 0x0488  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
18:22:00.0183 0x0488  CompositeBus - ok
18:22:00.0183 0x0488  COMSysApp - ok
18:22:00.0183 0x0488  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\Windows\system32\drivers\condrv.sys
18:22:00.0183 0x0488  condrv - ok
18:22:00.0308 0x0488  [ 283048742BEAADEA1B1C1C9B3DFC10F6, 6F705138090208F8184993826CD7189B517DCAC8CA37DCD3EEEA01D782602258 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
18:22:00.0308 0x0488  cphs - ok
18:22:00.0355 0x0488  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:22:00.0355 0x0488  CryptSvc - ok
18:22:00.0402 0x0488  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\Windows\system32\drivers\dam.sys
18:22:00.0402 0x0488  dam - ok
18:22:00.0465 0x0488  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:22:00.0480 0x0488  DcomLaunch - ok
18:22:00.0543 0x0488  [ FC1569B5705887D74FE7C8A39BE1C71C, 7DEB8FE472C72C439A2F54B6277C0A87AC2083869BD9AF8226071B7AA33B09FF ] defragsvc       C:\Windows\System32\defragsvc.dll
18:22:00.0543 0x0488  defragsvc - ok
18:22:00.0590 0x0488  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
18:22:00.0605 0x0488  DeviceAssociationService - ok
18:22:00.0652 0x0488  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
18:22:00.0652 0x0488  DeviceInstall - ok
18:22:00.0699 0x0488  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
18:22:00.0715 0x0488  Dfsc - ok
18:22:00.0761 0x0488  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:22:00.0777 0x0488  Dhcp - ok
18:22:00.0793 0x0488  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\Windows\system32\drivers\discache.sys
18:22:00.0793 0x0488  discache - ok
18:22:00.0824 0x0488  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\Windows\system32\drivers\disk.sys
18:22:00.0840 0x0488  disk - ok
18:22:00.0855 0x0488  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
18:22:00.0855 0x0488  dmvsc - ok
18:22:00.0933 0x0488  [ B9450BC3F1820A99D010D7426BCA60E9, FC7C35A0C522E5DA52B0616CF99F4903EAC14946180A18A8D8A0FF555BAA87C5 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:22:00.0933 0x0488  Dnscache - ok
18:22:00.0980 0x0488  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\Windows\System32\dot3svc.dll
18:22:00.0980 0x0488  dot3svc - ok
18:22:01.0058 0x0488  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
18:22:01.0074 0x0488  dot4 - ok
18:22:01.0121 0x0488  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\Windows\System32\drivers\Dot4Prt.sys
18:22:01.0121 0x0488  Dot4Print - ok
18:22:01.0152 0x0488  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
18:22:01.0168 0x0488  dot4usb - ok
18:22:01.0215 0x0488  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\Windows\system32\dps.dll
18:22:01.0230 0x0488  DPS - ok
18:22:01.0262 0x0488  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:22:01.0262 0x0488  drmkaud - ok
18:22:01.0308 0x0488  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
18:22:01.0324 0x0488  DsmSvc - ok
18:22:01.0433 0x0488  [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:22:01.0449 0x0488  DXGKrnl - ok
18:22:01.0527 0x0488  [ CFE0E3D5EFBF0649E5900CBFCC2B95F7, 8C6C4579048D0D9C43742DBD55CB2E704914D46016BBBF68FCD860320605C6F1 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
18:22:01.0543 0x0488  e1yexpress - ok
18:22:01.0574 0x0488  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\Windows\System32\eapsvc.dll
18:22:01.0574 0x0488  Eaphost - ok
18:22:01.0730 0x0488  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:22:01.0793 0x0488  ebdrv - ok
18:22:01.0824 0x0488  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS             C:\Windows\System32\lsass.exe
18:22:01.0840 0x0488  EFS - ok
18:22:01.0855 0x0488  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
18:22:01.0855 0x0488  EhStorClass - ok
18:22:01.0871 0x0488  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
18:22:01.0871 0x0488  EhStorTcgDrv - ok
18:22:01.0887 0x0488  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
18:22:01.0887 0x0488  ErrDev - ok
18:22:01.0949 0x0488  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\Windows\system32\es.dll
18:22:01.0949 0x0488  EventSystem - ok
18:22:02.0058 0x0488  [ 933723A47E9B7B22208F79F0F40A249A, EFD22310737743E213D59DCF07C04B5E2DE7F7ABFED23D98DE8525A6256914D0 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:22:02.0090 0x0488  EvtEng - ok
18:22:02.0121 0x0488  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\Windows\system32\drivers\exfat.sys
18:22:02.0121 0x0488  exfat - ok
18:22:02.0137 0x0488  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:22:02.0137 0x0488  fastfat - ok
18:22:02.0183 0x0488  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\Windows\system32\fxssvc.exe
18:22:02.0199 0x0488  Fax - ok
18:22:02.0230 0x0488  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\Windows\System32\drivers\fdc.sys
18:22:02.0230 0x0488  fdc - ok
18:22:02.0246 0x0488  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:22:02.0246 0x0488  fdPHost - ok
18:22:02.0262 0x0488  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:22:02.0262 0x0488  FDResPub - ok
18:22:02.0308 0x0488  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\Windows\system32\fhsvc.dll
18:22:02.0308 0x0488  fhsvc - ok
18:22:02.0324 0x0488  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:22:02.0340 0x0488  FileInfo - ok
18:22:02.0355 0x0488  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:22:02.0355 0x0488  Filetrace - ok
18:22:02.0371 0x0488  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
18:22:02.0371 0x0488  flpydisk - ok
18:22:02.0402 0x0488  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:22:02.0402 0x0488  FltMgr - ok
18:22:02.0496 0x0488  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\Windows\system32\FntCache.dll
18:22:02.0527 0x0488  FontCache - ok
18:22:02.0605 0x0488  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:22:02.0605 0x0488  FontCache3.0.0.0 - ok
18:22:02.0637 0x0488  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:22:02.0637 0x0488  FsDepends - ok
18:22:02.0652 0x0488  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:22:02.0652 0x0488  Fs_Rec - ok
18:22:02.0715 0x0488  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:22:02.0715 0x0488  fvevol - ok
18:22:02.0746 0x0488  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
18:22:02.0762 0x0488  FxPPM - ok
18:22:02.0777 0x0488  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:22:02.0777 0x0488  gagp30kx - ok
18:22:02.0887 0x0488  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
18:22:02.0887 0x0488  GamesAppService - ok
18:22:02.0934 0x0488  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:22:02.0934 0x0488  GEARAspiWDM - ok
18:22:02.0949 0x0488  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
18:22:02.0949 0x0488  gencounter - ok
18:22:02.0996 0x0488  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
18:22:02.0996 0x0488  GPIOClx0101 - ok
18:22:03.0058 0x0488  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:22:03.0090 0x0488  gpsvc - ok
18:22:03.0168 0x0488  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:22:03.0183 0x0488  gupdate - ok
18:22:03.0183 0x0488  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:22:03.0183 0x0488  gupdatem - ok
18:22:03.0246 0x0488  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:22:03.0262 0x0488  HdAudAddService - ok
18:22:03.0293 0x0488  [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
18:22:03.0309 0x0488  HDAudBus - ok
18:22:03.0340 0x0488  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
18:22:03.0340 0x0488  HidBatt - ok
18:22:03.0371 0x0488  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\Windows\System32\drivers\hidbth.sys
18:22:03.0387 0x0488  HidBth - ok
18:22:03.0434 0x0488  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
18:22:03.0434 0x0488  hidi2c - ok
18:22:03.0449 0x0488  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\Windows\System32\drivers\hidir.sys
18:22:03.0449 0x0488  HidIr - ok
18:22:03.0480 0x0488  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\Windows\system32\hidserv.dll
18:22:03.0496 0x0488  hidserv - ok
18:22:03.0512 0x0488  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
18:22:03.0512 0x0488  HidUsb - ok
18:22:03.0543 0x0488  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:22:03.0559 0x0488  hkmsvc - ok
18:22:03.0605 0x0488  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:22:03.0621 0x0488  HomeGroupListener - ok
18:22:03.0668 0x0488  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:22:03.0684 0x0488  HomeGroupProvider - ok
18:22:03.0699 0x0488  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:22:03.0699 0x0488  HpSAMD - ok
18:22:03.0762 0x0488  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:22:03.0777 0x0488  HTTP - ok
18:22:03.0793 0x0488  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:22:03.0793 0x0488  hwpolicy - ok
18:22:03.0809 0x0488  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
18:22:03.0809 0x0488  hyperkbd - ok
18:22:03.0824 0x0488  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
18:22:03.0824 0x0488  HyperVideo - ok
18:22:03.0840 0x0488  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
18:22:03.0840 0x0488  i8042prt - ok
18:22:03.0902 0x0488  [ F5A9FBAE160BD1837C2F1B85324A6762, 49D819127BEA098A229BF5024FEA169413E65659A8ADE6D9A6B88EBAF46D6B24 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
18:22:03.0918 0x0488  iaStorA - ok
18:22:03.0996 0x0488  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:22:04.0012 0x0488  iaStorV - ok
18:22:04.0074 0x0488  [ C430482AC892D52CED021EDDD4D368A2, C54C12EAC14F40BE3E7D7159F8876A664D00CA928000E25306071D28B52EA33A ] iBtFltCoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
18:22:04.0074 0x0488  iBtFltCoex - ok
18:22:04.0371 0x0488  [ 28388795BDF79464E8FDADB127671734, 4C740A8E35462C051DE3166BF87F5061518F589D8BCF4C36247FEC4903231593 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:22:04.0512 0x0488  igfx - ok
18:22:04.0527 0x0488  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:22:04.0527 0x0488  iirsp - ok
18:22:04.0605 0x0488  [ 644D7E4EAC8D5CE757435FA98A7BDA50, 7C91F6E75B148E69BF701F0152CDBF8FB94009935EE97F5208560E1E8FEDA4DB ] IKEEXT          C:\Windows\System32\ikeext.dll
18:22:04.0637 0x0488  IKEEXT - ok
18:22:04.0668 0x0488  [ FD2032D2EAE8D7F3381EBA5FA3E7FEEA, 46D1DC6A44E20339AD9195EE7CC719DC9BC99C78F8C74E730B671F0D78B9C683 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
18:22:04.0668 0x0488  intaud_WaveExtensible - ok
18:22:04.0824 0x0488  [ 8E84907538865C4854552E979B80C0DA, A07584E156C9F0C8ACBC05F210929625BFA6563D6881CAC9118FF569BF727E56 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:22:04.0902 0x0488  IntcAzAudAddService - ok
18:22:04.0934 0x0488  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:22:04.0949 0x0488  IntcDAud - ok
18:22:04.0996 0x0488  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:22:05.0012 0x0488  Intel(R) Capability Licensing Service Interface - ok
18:22:05.0105 0x0488  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
18:22:05.0105 0x0488  Intel(R) ME Service - ok
18:22:05.0137 0x0488  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:22:05.0137 0x0488  intelide - ok
18:22:05.0449 0x0488  [ 28388795BDF79464E8FDADB127671734, 4C740A8E35462C051DE3166BF87F5061518F589D8BCF4C36247FEC4903231593 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
18:22:05.0605 0x0488  intelkmd - ok
18:22:05.0652 0x0488  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
18:22:05.0668 0x0488  intelppm - ok
18:22:05.0699 0x0488  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:22:05.0699 0x0488  IpFilterDriver - ok
18:22:05.0762 0x0488  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:22:05.0777 0x0488  iphlpsvc - ok
18:22:05.0809 0x0488  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
18:22:05.0809 0x0488  IPMIDRV - ok
18:22:05.0824 0x0488  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:22:05.0840 0x0488  IPNAT - ok
18:22:05.0887 0x0488  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:22:05.0902 0x0488  iPod Service - ok
18:22:05.0918 0x0488  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:22:05.0918 0x0488  IRENUM - ok
18:22:05.0934 0x0488  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:22:05.0949 0x0488  isapnp - ok
18:22:05.0996 0x0488  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
18:22:06.0012 0x0488  iScsiPrt - ok
18:22:06.0027 0x0488  [ C59B9CE2855E667809F9E63C20FC44A5, 36C71CDAB84296E408F29588E1993B6E2016841435C6F2CABBB716A2E2947BA8 ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
18:22:06.0027 0x0488  iwdbus - ok
18:22:06.0059 0x0488  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:22:06.0059 0x0488  jhi_service - ok
18:22:06.0074 0x0488  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
18:22:06.0074 0x0488  kbdclass - ok
18:22:06.0106 0x0488  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
18:22:06.0106 0x0488  kbdhid - ok
18:22:06.0106 0x0488  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
18:22:06.0106 0x0488  kdnic - ok
18:22:06.0121 0x0488  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\Windows\system32\lsass.exe
18:22:06.0121 0x0488  KeyIso - ok
18:22:06.0152 0x0488  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
18:22:06.0152 0x0488  kl1 - ok
18:22:06.0199 0x0488  [ F2EB9202FCCC81E0902D3C5A70037A44, 9554851BB68228500E69536B0C484B32FC92B85A76A7F1F268549212D0D5CFCA ] klelam          C:\Windows\system32\DRIVERS\klelam.sys
18:22:06.0199 0x0488  klelam - ok
18:22:06.0262 0x0488  [ E2C39E0FF41CAB5FA94CEFF7EA664103, EBD502679519C436217E0EB5A72084D23EBC4FEBE285DE144C50B14EC981DDBC ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
18:22:06.0293 0x0488  KLIF - ok
18:22:06.0309 0x0488  [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
18:22:06.0309 0x0488  KLIM6 - ok
18:22:06.0356 0x0488  [ AEEC4E904850525C4D4552AF4A971BA3, C8E5267A5CE244096162118DFE72D2EA494DD34ECAEC74B7EB0DF770761E06C0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
18:22:06.0356 0x0488  klkbdflt - ok
18:22:06.0371 0x0488  [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
18:22:06.0371 0x0488  klmouflt - ok
18:22:06.0387 0x0488  [ 781EFBB7BDE229C1615892E2A2D98721, 82D017AE1ADE75075F83B62256A9DC14F6D764ADF6E79CF2717854BCA5F5F1C5 ] klwfp           C:\Windows\system32\DRIVERS\klwfp.sys
18:22:06.0387 0x0488  klwfp - ok
18:22:06.0418 0x0488  [ 0E71FAED99892750DFE1C5237A6F8FE6, 786FEEEF637BC89FDED3DDEA2563144C7128E7C9582261B23F16B98D69149088 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
18:22:06.0418 0x0488  kneps - ok
18:22:06.0465 0x0488  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:22:06.0481 0x0488  KSecDD - ok
18:22:06.0512 0x0488  [ 0EB535ADDC065F2D0CBFC089630A6065, F6DD544227A5B7A0C80E401EB5461963567A24834C60AF520FBABC1A9FB4E631 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:22:06.0527 0x0488  KSecPkg - ok
18:22:06.0543 0x0488  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:22:06.0543 0x0488  ksthunk - ok
18:22:06.0606 0x0488  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:22:06.0621 0x0488  KtmRm - ok
18:22:06.0668 0x0488  [ 05A5B36592BB5F371B6AB020A2691E42, 384230A10EA0394E260282509B7D8EFCBFF8814611F6EFAB2DD346B97963EC55 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:22:06.0684 0x0488  LanmanServer - ok
18:22:06.0731 0x0488  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:22:06.0746 0x0488  LanmanWorkstation - ok
18:22:06.0762 0x0488  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:22:06.0762 0x0488  lltdio - ok
18:22:06.0793 0x0488  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:22:06.0809 0x0488  lltdsvc - ok
18:22:06.0824 0x0488  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:22:06.0824 0x0488  lmhosts - ok
18:22:06.0856 0x0488  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:22:06.0871 0x0488  LMS - ok
18:22:06.0887 0x0488  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:22:06.0902 0x0488  LSI_SAS - ok
18:22:06.0902 0x0488  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:22:06.0902 0x0488  LSI_SAS2 - ok
18:22:06.0918 0x0488  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:22:06.0918 0x0488  LSI_SCSI - ok
18:22:06.0918 0x0488  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
18:22:06.0918 0x0488  LSI_SSS - ok
18:22:07.0012 0x0488  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM             C:\Windows\System32\lsm.dll
18:22:07.0027 0x0488  LSM - ok
18:22:07.0043 0x0488  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:22:07.0059 0x0488  luafv - ok
18:22:07.0199 0x0488  [ 8A7F33C3B8D9FCAA69803E3DE05BE216, D8504A752D3F74A5BEF7B250AD00B481591DC854C9A019C6A87C606C165B27B6 ] McComponentHostServiceSony C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe
18:22:07.0215 0x0488  McComponentHostServiceSony - ok
18:22:07.0262 0x0488  [ 2C696ACBBBFFF7D25C1F468087FEB561, 6D463E26252E75CB6ADF023DBF645471E0B1BDA21D82BC1A4EE427249630CAEA ] McOobeSv2       C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
18:22:07.0277 0x0488  McOobeSv2 - ok
18:22:07.0277 0x0488  [ 2C696ACBBBFFF7D25C1F468087FEB561, 6D463E26252E75CB6ADF023DBF645471E0B1BDA21D82BC1A4EE427249630CAEA ] mcpltsvc        C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
18:22:07.0293 0x0488  mcpltsvc - ok
18:22:07.0309 0x0488  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:22:07.0309 0x0488  megasas - ok
18:22:07.0324 0x0488  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:22:07.0340 0x0488  MegaSR - ok
18:22:07.0356 0x0488  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
18:22:07.0356 0x0488  MEIx64 - ok
18:22:07.0387 0x0488  [ B574522827D94126C03975FD53F0B26B, AC8AD3FFFCAE94F4F03AD08C97C70FCCB71B001940AAC14FE30EB123C6261E76 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
18:22:07.0402 0x0488  mfeapfk - ok
18:22:07.0418 0x0488  [ B393753ECE9A9E2307CB1984ACF3DA9D, FE6B7A417E40C5D420A0F57619ECB31349C862EE5EDADF262BD27111964A943A ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
18:22:07.0434 0x0488  mfeavfk - ok
18:22:07.0481 0x0488  [ 97C398750C8E80A48EB63999546F796E, 75A7F556366A048B6A834B4979E4FC0ADBE504B1D23A5A7E55FE96A20143475A ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
18:22:07.0481 0x0488  mfefire - ok
18:22:07.0527 0x0488  [ C52A1ABF03DD219375EA0F6A8BE941C3, CDE46E1BDDFB3D49AD2C1F246F186C8E8DCCC2866C5F2F2693B9484AF64501A2 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
18:22:07.0527 0x0488  mfefirek - ok
18:22:07.0574 0x0488  [ 7092A6C6158FC4F5AA39EBEB9D5AF03D, 0595F3ECA563636019A6138BE9E2D275D4A44F361ED6C7A2D4290B7E1D961766 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
18:22:07.0590 0x0488  mfehidk - ok
18:22:07.0590 0x0488  mfeicfcoreocp - ok
18:22:07.0621 0x0488  [ 04D48692EFF181DA46DD8EA8BE9FFB2B, D2F2AFB22C7A1499CB48008A036BE0239266B7DE07530DA768D7B1305518C108 ] mfevtp          C:\Windows\system32\mfevtps.exe
18:22:07.0637 0x0488  mfevtp - ok
18:22:07.0668 0x0488  [ 1631E2DA6C4B47D97ECA94842836592E, BFFC42314DBD332C4C4C777994766D91B859B72483F961B2C98FF25BFDE073A9 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
18:22:07.0668 0x0488  mfewfpk - ok
18:22:07.0762 0x0488  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:22:07.0762 0x0488  Microsoft Office Groove Audit Service - ok
18:22:07.0809 0x0488  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\Windows\system32\mmcss.dll
18:22:07.0809 0x0488  MMCSS - ok
18:22:07.0840 0x0488  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\Windows\system32\drivers\modem.sys
18:22:07.0840 0x0488  Modem - ok
18:22:07.0887 0x0488  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\Windows\System32\drivers\monitor.sys
18:22:07.0887 0x0488  monitor - ok
18:22:07.0887 0x0488  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
18:22:07.0902 0x0488  mouclass - ok
18:22:07.0934 0x0488  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
18:22:07.0934 0x0488  mouhid - ok
18:22:07.0981 0x0488  [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:22:07.0981 0x0488  mountmgr - ok
18:22:08.0043 0x0488  [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:22:08.0043 0x0488  MozillaMaintenance - ok
18:22:08.0106 0x0488  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:22:08.0106 0x0488  mpsdrv - ok
18:22:08.0199 0x0488  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:22:08.0231 0x0488  MpsSvc - ok
18:22:08.0262 0x0488  [ 25560C1656DC7F0723A0CC0B0E1C6BED, 17E8565B833ED58CCB6F85B90A42553464C4408C54006E019AA5641EDB682E31 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:22:08.0262 0x0488  MRxDAV - ok
18:22:08.0324 0x0488  [ 14EE56050E1637926F5CFA65B1F4209B, C654280B4BB461898B43DF350B5BB76C2FDEBD6B49A19D08B2F28D92E2FA3D0D ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:22:08.0340 0x0488  mrxsmb - ok
18:22:08.0371 0x0488  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:22:08.0371 0x0488  mrxsmb10 - ok
18:22:08.0418 0x0488  [ 0AA400AB21745F1153ECE75E0186509A, E26696A00008BB8D88ABED6F379FFFAE21ACE9AA7108D9E89A7D99CAF2F23FEF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:22:08.0434 0x0488  mrxsmb20 - ok
18:22:08.0449 0x0488  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
18:22:08.0465 0x0488  MsBridge - ok
18:22:08.0481 0x0488  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe
18:22:08.0496 0x0488  MSDTC - ok
18:22:08.0528 0x0488  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:22:08.0528 0x0488  Msfs - ok
18:22:08.0574 0x0488  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
18:22:08.0574 0x0488  msgpiowin32 - ok
18:22:08.0590 0x0488  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:22:08.0590 0x0488  mshidkmdf - ok
18:22:08.0606 0x0488  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
18:22:08.0606 0x0488  mshidumdf - ok
18:22:08.0622 0x0488  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:22:08.0622 0x0488  msisadrv - ok
18:22:08.0654 0x0488  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:22:08.0669 0x0488  MSiSCSI - ok
18:22:08.0669 0x0488  msiserver - ok
18:22:08.0685 0x0488  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:22:08.0685 0x0488  MSKSSRV - ok
18:22:08.0700 0x0488  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
18:22:08.0700 0x0488  MsLldp - ok
18:22:08.0716 0x0488  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:22:08.0716 0x0488  MSPCLOCK - ok
18:22:08.0716 0x0488  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:22:08.0716 0x0488  MSPQM - ok
18:22:08.0747 0x0488  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:22:08.0747 0x0488  MsRPC - ok
18:22:08.0763 0x0488  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
18:22:08.0763 0x0488  mssmbios - ok
18:22:08.0779 0x0488  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:22:08.0779 0x0488  MSTEE - ok
18:22:08.0779 0x0488  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
18:22:08.0779 0x0488  MTConfig - ok
18:22:08.0794 0x0488  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\Windows\system32\Drivers\mup.sys
18:22:08.0794 0x0488  Mup - ok
18:22:08.0810 0x0488  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
18:22:08.0825 0x0488  mvumis - ok
18:22:08.0857 0x0488  [ D8C1FE237762249C879760E7F3ABFC1F, 81FB26AF560E7F73A7CB0AC53ECF991C20701B6117C436197B75C3F1F0417BEC ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:22:08.0857 0x0488  MyWiFiDHCPDNS - ok
18:22:08.0904 0x0488  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
18:22:08.0904 0x0488  napagent - ok
18:22:08.0935 0x0488  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:22:08.0935 0x0488  NativeWifiP - ok
18:22:08.0982 0x0488  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
18:22:08.0982 0x0488  NcaSvc - ok
18:22:08.0982 0x0488  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
18:22:08.0982 0x0488  NcdAutoSetup - ok
18:22:09.0060 0x0488  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:22:09.0091 0x0488  NDIS - ok
18:22:09.0091 0x0488  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:22:09.0091 0x0488  NdisCap - ok
18:22:09.0122 0x0488  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
18:22:09.0122 0x0488  NdisImPlatform - ok
18:22:09.0154 0x0488  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:22:09.0154 0x0488  NdisTapi - ok
18:22:09.0169 0x0488  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:22:09.0185 0x0488  Ndisuio - ok
18:22:09.0185 0x0488  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:22:09.0185 0x0488  NdisWan - ok
18:22:09.0200 0x0488  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
18:22:09.0216 0x0488  NDISWANLEGACY - ok
18:22:09.0263 0x0488  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:22:09.0263 0x0488  NDProxy - ok
18:22:09.0294 0x0488  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\Windows\system32\drivers\Ndu.sys
18:22:09.0294 0x0488  Ndu - ok
18:22:09.0310 0x0488  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:22:09.0310 0x0488  NetBIOS - ok
18:22:09.0357 0x0488  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:22:09.0372 0x0488  NetBT - ok
18:22:09.0388 0x0488  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\Windows\system32\lsass.exe
18:22:09.0388 0x0488  Netlogon - ok
18:22:09.0419 0x0488  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
18:22:09.0435 0x0488  Netman - ok
18:22:09.0482 0x0488  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll
18:22:09.0497 0x0488  netprofm - ok
18:22:09.0560 0x0488  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:22:09.0560 0x0488  NetTcpPortSharing - ok
18:22:09.0763 0x0488  [ 8CEF52F56EE6E9C4DDD374CE8E2E3DC6, F2722906909F1C2B1A33B004B72070D171676B5C2B402B635F2A55994475DB95 ] NETwNe64        C:\Windows\system32\DRIVERS\NETwew00.sys
18:22:09.0825 0x0488  NETwNe64 - ok
18:22:09.0950 0x0488  [ 109413059775750CE8248A491834514E, F8665953F9E5EA3FA1B1020C0DA7DF1F82D97D204D6D9A32B81F48534903B098 ] NetworkSupport  C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
18:22:09.0982 0x0488  NetworkSupport - ok
18:22:10.0013 0x0488  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:22:10.0013 0x0488  nfrd960 - ok
18:22:10.0075 0x0488  [ 5177E35B186D2DED6F1EFF57BA61B975, B48C2E0FE2E95C37697107BDB8E0843D3E56200D2E242BF02E205C53978655D9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:22:10.0091 0x0488  NlaSvc - ok
18:22:10.0107 0x0488  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:22:10.0107 0x0488  Npfs - ok
18:22:10.0122 0x0488  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
18:22:10.0122 0x0488  npsvctrig - ok
18:22:10.0138 0x0488  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\Windows\system32\nsisvc.dll
18:22:10.0154 0x0488  nsi - ok
18:22:10.0169 0x0488  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:22:10.0169 0x0488  nsiproxy - ok
18:22:10.0279 0x0488  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:22:10.0325 0x0488  Ntfs - ok
18:22:10.0341 0x0488  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
18:22:10.0341 0x0488  Null - ok
18:22:10.0732 0x0488  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3, F4885B42FCE7D838B7640EB9CF81135F9D637E7CD7A016894AD2F24450FA91BD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:22:10.0966 0x0488  nvlddmkm - ok
18:22:11.0013 0x0488  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:22:11.0029 0x0488  nvraid - ok
18:22:11.0029 0x0488  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:22:11.0029 0x0488  nvstor - ok
18:22:11.0044 0x0488  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:22:11.0044 0x0488  nv_agp - ok
18:22:11.0154 0x0488  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:22:11.0169 0x0488  odserv - ok
18:22:11.0216 0x0488  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:22:11.0216 0x0488  ose - ok
18:22:11.0263 0x0488  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:22:11.0279 0x0488  p2pimsvc - ok
18:22:11.0310 0x0488  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:22:11.0326 0x0488  p2psvc - ok
18:22:11.0341 0x0488  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\Windows\System32\drivers\parport.sys
18:22:11.0341 0x0488  Parport - ok

Sorry Datei war zu groß. Musste es nochmal wiederholen.
Erste Teil

Code:

ATTFilter

18:34:45.0414 0x0ad0  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\Windows\System32\drivers\monitor.sys
18:34:45.0414 0x0ad0  monitor - ok
18:34:45.0429 0x0ad0  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
18:34:45.0429 0x0ad0  mouclass - ok
18:34:45.0461 0x0ad0  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
18:34:45.0461 0x0ad0  mouhid - ok
18:34:45.0508 0x0ad0  [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:34:45.0508 0x0ad0  mountmgr - ok
18:34:45.0570 0x0ad0  [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:34:45.0570 0x0ad0  MozillaMaintenance - ok
18:34:45.0617 0x0ad0  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:34:45.0617 0x0ad0  mpsdrv - ok
18:34:45.0679 0x0ad0  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:34:45.0695 0x0ad0  MpsSvc - ok
18:34:45.0742 0x0ad0  [ 25560C1656DC7F0723A0CC0B0E1C6BED, 17E8565B833ED58CCB6F85B90A42553464C4408C54006E019AA5641EDB682E31 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:34:45.0742 0x0ad0  MRxDAV - ok
18:34:45.0804 0x0ad0  [ 14EE56050E1637926F5CFA65B1F4209B, C654280B4BB461898B43DF350B5BB76C2FDEBD6B49A19D08B2F28D92E2FA3D0D ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:34:45.0820 0x0ad0  mrxsmb - ok
18:34:45.0867 0x0ad0  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:34:45.0883 0x0ad0  mrxsmb10 - ok
18:34:45.0929 0x0ad0  [ 0AA400AB21745F1153ECE75E0186509A, E26696A00008BB8D88ABED6F379FFFAE21ACE9AA7108D9E89A7D99CAF2F23FEF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:34:45.0929 0x0ad0  mrxsmb20 - ok
18:34:45.0961 0x0ad0  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
18:34:45.0961 0x0ad0  MsBridge - ok
18:34:45.0976 0x0ad0  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\Windows\System32\msdtc.exe
18:34:45.0992 0x0ad0  MSDTC - ok
18:34:46.0008 0x0ad0  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:34:46.0008 0x0ad0  Msfs - ok
18:34:46.0054 0x0ad0  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
18:34:46.0054 0x0ad0  msgpiowin32 - ok
18:34:46.0070 0x0ad0  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:34:46.0070 0x0ad0  mshidkmdf - ok
18:34:46.0086 0x0ad0  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
18:34:46.0086 0x0ad0  mshidumdf - ok
18:34:46.0101 0x0ad0  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:34:46.0101 0x0ad0  msisadrv - ok
18:34:46.0148 0x0ad0  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:34:46.0148 0x0ad0  MSiSCSI - ok
18:34:46.0148 0x0ad0  msiserver - ok
18:34:46.0164 0x0ad0  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:34:46.0164 0x0ad0  MSKSSRV - ok
18:34:46.0195 0x0ad0  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
18:34:46.0195 0x0ad0  MsLldp - ok
18:34:46.0195 0x0ad0  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:34:46.0195 0x0ad0  MSPCLOCK - ok
18:34:46.0195 0x0ad0  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:34:46.0195 0x0ad0  MSPQM - ok
18:34:46.0258 0x0ad0  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:34:46.0258 0x0ad0  MsRPC - ok
18:34:46.0289 0x0ad0  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
18:34:46.0289 0x0ad0  mssmbios - ok
18:34:46.0320 0x0ad0  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:34:46.0320 0x0ad0  MSTEE - ok
18:34:46.0367 0x0ad0  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
18:34:46.0367 0x0ad0  MTConfig - ok
18:34:46.0398 0x0ad0  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\Windows\system32\Drivers\mup.sys
18:34:46.0398 0x0ad0  Mup - ok
18:34:46.0414 0x0ad0  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
18:34:46.0414 0x0ad0  mvumis - ok
18:34:46.0445 0x0ad0  [ D8C1FE237762249C879760E7F3ABFC1F, 81FB26AF560E7F73A7CB0AC53ECF991C20701B6117C436197B75C3F1F0417BEC ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:34:46.0461 0x0ad0  MyWiFiDHCPDNS - ok
18:34:46.0508 0x0ad0  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
18:34:46.0523 0x0ad0  napagent - ok
18:34:46.0554 0x0ad0  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:34:46.0570 0x0ad0  NativeWifiP - ok
18:34:46.0601 0x0ad0  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
18:34:46.0617 0x0ad0  NcaSvc - ok
18:34:46.0633 0x0ad0  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
18:34:46.0633 0x0ad0  NcdAutoSetup - ok
18:34:46.0695 0x0ad0  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:34:46.0711 0x0ad0  NDIS - ok
18:34:46.0726 0x0ad0  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:34:46.0726 0x0ad0  NdisCap - ok
18:34:46.0758 0x0ad0  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
18:34:46.0758 0x0ad0  NdisImPlatform - ok
18:34:46.0805 0x0ad0  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:34:46.0805 0x0ad0  NdisTapi - ok
18:34:46.0820 0x0ad0  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:34:46.0820 0x0ad0  Ndisuio - ok
18:34:46.0851 0x0ad0  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:34:46.0851 0x0ad0  NdisWan - ok
18:34:46.0851 0x0ad0  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
18:34:46.0867 0x0ad0  NDISWANLEGACY - ok
18:34:46.0914 0x0ad0  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:34:46.0914 0x0ad0  NDProxy - ok
18:34:46.0945 0x0ad0  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\Windows\system32\drivers\Ndu.sys
18:34:46.0945 0x0ad0  Ndu - ok
18:34:46.0976 0x0ad0  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:34:46.0976 0x0ad0  NetBIOS - ok
18:34:47.0008 0x0ad0  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:34:47.0008 0x0ad0  NetBT - ok
18:34:47.0023 0x0ad0  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\Windows\system32\lsass.exe
18:34:47.0023 0x0ad0  Netlogon - ok
18:34:47.0055 0x0ad0  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
18:34:47.0055 0x0ad0  Netman - ok
18:34:47.0117 0x0ad0  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll
18:34:47.0117 0x0ad0  netprofm - ok
18:34:47.0180 0x0ad0  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:34:47.0195 0x0ad0  NetTcpPortSharing - ok
18:34:47.0351 0x0ad0  [ 8CEF52F56EE6E9C4DDD374CE8E2E3DC6, F2722906909F1C2B1A33B004B72070D171676B5C2B402B635F2A55994475DB95 ] NETwNe64        C:\Windows\system32\DRIVERS\NETwew00.sys
18:34:47.0430 0x0ad0  NETwNe64 - ok
18:34:47.0555 0x0ad0  [ 109413059775750CE8248A491834514E, F8665953F9E5EA3FA1B1020C0DA7DF1F82D97D204D6D9A32B81F48534903B098 ] NetworkSupport  C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
18:34:47.0570 0x0ad0  NetworkSupport - ok
18:34:47.0601 0x0ad0  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:34:47.0601 0x0ad0  nfrd960 - ok
18:34:47.0664 0x0ad0  [ 5177E35B186D2DED6F1EFF57BA61B975, B48C2E0FE2E95C37697107BDB8E0843D3E56200D2E242BF02E205C53978655D9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:34:47.0680 0x0ad0  NlaSvc - ok
18:34:47.0711 0x0ad0  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:34:47.0711 0x0ad0  Npfs - ok
18:34:47.0726 0x0ad0  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
18:34:47.0726 0x0ad0  npsvctrig - ok
18:34:47.0742 0x0ad0  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\Windows\system32\nsisvc.dll
18:34:47.0742 0x0ad0  nsi - ok
18:34:47.0773 0x0ad0  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:34:47.0773 0x0ad0  nsiproxy - ok
18:34:47.0867 0x0ad0  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:34:47.0898 0x0ad0  Ntfs - ok
18:34:47.0914 0x0ad0  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
18:34:47.0914 0x0ad0  Null - ok
18:34:48.0336 0x0ad0  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3, F4885B42FCE7D838B7640EB9CF81135F9D637E7CD7A016894AD2F24450FA91BD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:34:48.0570 0x0ad0  nvlddmkm - ok
18:34:48.0601 0x0ad0  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:34:48.0601 0x0ad0  nvraid - ok
18:34:48.0617 0x0ad0  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:34:48.0617 0x0ad0  nvstor - ok
18:34:48.0633 0x0ad0  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:34:48.0633 0x0ad0  nv_agp - ok
18:34:48.0742 0x0ad0  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:34:48.0758 0x0ad0  odserv - ok
18:34:48.0805 0x0ad0  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:34:48.0805 0x0ad0  ose - ok
18:34:48.0851 0x0ad0  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:34:48.0867 0x0ad0  p2pimsvc - ok
18:34:48.0930 0x0ad0  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:34:48.0930 0x0ad0  p2psvc - ok
18:34:48.0977 0x0ad0  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\Windows\System32\drivers\parport.sys
18:34:48.0977 0x0ad0  Parport - ok
18:34:49.0008 0x0ad0  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:34:49.0023 0x0ad0  partmgr - ok
18:34:49.0102 0x0ad0  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:34:49.0117 0x0ad0  PcaSvc - ok
18:34:49.0180 0x0ad0  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\Windows\system32\drivers\pci.sys
18:34:49.0195 0x0ad0  pci - ok
18:34:49.0211 0x0ad0  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\Windows\system32\drivers\pciide.sys
18:34:49.0211 0x0ad0  pciide - ok
18:34:49.0242 0x0ad0  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:34:49.0258 0x0ad0  pcmcia - ok
18:34:49.0258 0x0ad0  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\Windows\system32\drivers\pcw.sys
18:34:49.0273 0x0ad0  pcw - ok
18:34:49.0305 0x0ad0  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\Windows\system32\drivers\pdc.sys
18:34:49.0305 0x0ad0  pdc - ok
18:34:49.0430 0x0ad0  [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
18:34:49.0461 0x0ad0  PDF Architect Helper Service - ok
18:34:49.0492 0x0ad0  [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
18:34:49.0508 0x0ad0  PDF Architect Service - ok
18:34:49.0570 0x0ad0  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:34:49.0586 0x0ad0  PEAUTH - ok
18:34:49.0695 0x0ad0  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:34:49.0695 0x0ad0  PerfHost - ok
18:34:49.0789 0x0ad0  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\Windows\system32\pla.dll
18:34:49.0805 0x0ad0  pla - ok
18:34:49.0852 0x0ad0  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:34:49.0852 0x0ad0  PlugPlay - ok
18:34:49.0867 0x0ad0  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:34:49.0867 0x0ad0  PNRPAutoReg - ok
18:34:49.0898 0x0ad0  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:34:49.0898 0x0ad0  PNRPsvc - ok
18:34:49.0945 0x0ad0  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:34:49.0945 0x0ad0  PolicyAgent - ok
18:34:50.0008 0x0ad0  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power           C:\Windows\system32\umpo.dll
18:34:50.0008 0x0ad0  Power - ok
18:34:50.0039 0x0ad0  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:34:50.0039 0x0ad0  PptpMiniport - ok
18:34:50.0258 0x0ad0  [ 3D312AC13CB8D05822E9EFD234766BA7, 5914CAA563FAE4E21AD58A262369657135D320788A56ABF15C9D77E9ADC4CA36 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
18:34:50.0305 0x0ad0  PrintNotify - ok
18:34:50.0352 0x0ad0  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor       C:\Windows\System32\drivers\processr.sys
18:34:50.0352 0x0ad0  Processor - ok
18:34:50.0398 0x0ad0  [ 1D7127048413309629233B50BF2DD9A6, 918322AFDD576D9966961B111F5E38BDDB4278F9456E7AA1A3453EC8CAF4B8A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:34:50.0398 0x0ad0  ProfSvc - ok
18:34:50.0445 0x0ad0  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:34:50.0445 0x0ad0  Psched - ok
18:34:50.0477 0x0ad0  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\Windows\system32\qwave.dll
18:34:50.0492 0x0ad0  QWAVE - ok
18:34:50.0508 0x0ad0  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:34:50.0508 0x0ad0  QWAVEdrv - ok
18:34:50.0523 0x0ad0  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:34:50.0523 0x0ad0  RasAcd - ok
18:34:50.0555 0x0ad0  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:34:50.0555 0x0ad0  RasAgileVpn - ok
18:34:50.0586 0x0ad0  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\Windows\System32\rasauto.dll
18:34:50.0586 0x0ad0  RasAuto - ok
18:34:50.0602 0x0ad0  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:34:50.0602 0x0ad0  Rasl2tp - ok
18:34:50.0617 0x0ad0  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\Windows\System32\rasmans.dll
18:34:50.0633 0x0ad0  RasMan - ok
18:34:50.0633 0x0ad0  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:34:50.0648 0x0ad0  RasPppoe - ok
18:34:50.0664 0x0ad0  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:34:50.0680 0x0ad0  RasSstp - ok
18:34:50.0711 0x0ad0  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:34:50.0727 0x0ad0  rdbss - ok
18:34:50.0742 0x0ad0  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
18:34:50.0742 0x0ad0  rdpbus - ok
18:34:50.0758 0x0ad0  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:34:50.0758 0x0ad0  RDPDR - ok
18:34:50.0820 0x0ad0  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:34:50.0820 0x0ad0  RdpVideoMiniport - ok
18:34:50.0852 0x0ad0  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:34:50.0867 0x0ad0  RDPWD - ok
18:34:50.0898 0x0ad0  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:34:50.0898 0x0ad0  rdyboost - ok
18:34:50.0992 0x0ad0  [ 695C4AC7D0B5002040C7540364C43940, 9DA5455057F11ADA471D0C02A2728490565B27840ACA68577694FAD1CC854ED3 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:34:51.0008 0x0ad0  RegSrvc - ok
18:34:51.0023 0x0ad0  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:34:51.0039 0x0ad0  RemoteAccess - ok
18:34:51.0055 0x0ad0  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:34:51.0070 0x0ad0  RemoteRegistry - ok
18:34:51.0102 0x0ad0  [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
18:34:51.0102 0x0ad0  RFCOMM - ok
18:34:51.0133 0x0ad0  [ B55AECDB72923D649F4A3F0FE99C254C, EB63DCB8D29495A8AC3C0DF8703C24FE1D00E19C570FBE29EB3E1DB3D55F49F4 ] rimssne         C:\Windows\System32\drivers\rimssne64.sys
18:34:51.0133 0x0ad0  rimssne - ok
18:34:51.0164 0x0ad0  [ 777C56F8E226B9AAF57B000EA75C3920, 789F239F17DD1D1A391B0F34EAAD3142407AF849015ACB58973C3AED9F9D5D3D ] risdsnxc        C:\Windows\System32\drivers\risdsnxc64.sys
18:34:51.0164 0x0ad0  risdsnxc - ok
18:34:51.0195 0x0ad0  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:34:51.0195 0x0ad0  RpcEptMapper - ok
18:34:51.0227 0x0ad0  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\Windows\system32\locator.exe
18:34:51.0227 0x0ad0  RpcLocator - ok
18:34:51.0273 0x0ad0  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\Windows\system32\rpcss.dll
18:34:51.0289 0x0ad0  RpcSs - ok
18:34:51.0320 0x0ad0  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:34:51.0320 0x0ad0  rspndr - ok
18:34:51.0367 0x0ad0  [ 7D9DA8EC6784A9EE213C676709D46BE6, 9861D1EF107F7D1590B89098EAEA7F509C1EF46999C37703F3766BAD733D8AD2 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
18:34:51.0383 0x0ad0  RTL8168 - ok
18:34:51.0414 0x0ad0  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
18:34:51.0414 0x0ad0  s3cap - ok
18:34:51.0492 0x0ad0  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs           C:\Windows\system32\lsass.exe
18:34:51.0508 0x0ad0  SamSs - ok
18:34:51.0524 0x0ad0  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:34:51.0524 0x0ad0  sbp2port - ok
18:34:51.0570 0x0ad0  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:34:51.0570 0x0ad0  SCardSvr - ok
18:34:51.0602 0x0ad0  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:34:51.0602 0x0ad0  scfilter - ok
18:34:51.0711 0x0ad0  [ 201C397A73DFEE109490F4BA1168CFC2, 74FC2A30CBF2E2197E75860A3B308CDCBEB3C28794ABED388B493505A2D84BAA ] Schedule        C:\Windows\system32\schedsvc.dll
18:34:51.0727 0x0ad0  Schedule - ok
18:34:51.0789 0x0ad0  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:34:51.0805 0x0ad0  SCPolicySvc - ok
18:34:51.0867 0x0ad0  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
18:34:51.0867 0x0ad0  sdbus - ok
18:34:51.0899 0x0ad0  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:34:51.0914 0x0ad0  SDRSVC - ok
18:34:51.0945 0x0ad0  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\Windows\System32\drivers\sdstor.sys
18:34:51.0945 0x0ad0  sdstor - ok
18:34:51.0977 0x0ad0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:34:51.0977 0x0ad0  secdrv - ok
18:34:52.0008 0x0ad0  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\Windows\system32\seclogon.dll
18:34:52.0008 0x0ad0  seclogon - ok
18:34:52.0055 0x0ad0  [ 1ED7A8574A28357097A5CB4063C96B00, 4E248CA66B7DE930AEC501A85F507AB813FC3CEBCBA347DFF3B05CE6CB8E496B ] semav6thermal64ro C:\Windows\system32\drivers\semav6thermal64ro.sys
18:34:52.0055 0x0ad0  semav6thermal64ro - ok
18:34:52.0070 0x0ad0  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\Windows\System32\sens.dll
18:34:52.0070 0x0ad0  SENS - ok
18:34:52.0102 0x0ad0  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:34:52.0102 0x0ad0  SensrSvc - ok
18:34:52.0117 0x0ad0  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
18:34:52.0117 0x0ad0  SerCx - ok
18:34:52.0133 0x0ad0  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\Windows\System32\drivers\serenum.sys
18:34:52.0133 0x0ad0  Serenum - ok
18:34:52.0133 0x0ad0  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\Windows\System32\drivers\serial.sys
18:34:52.0133 0x0ad0  Serial - ok
18:34:52.0133 0x0ad0  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
18:34:52.0133 0x0ad0  sermouse - ok
18:34:52.0180 0x0ad0  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:34:52.0180 0x0ad0  SessionEnv - ok
18:34:52.0211 0x0ad0  [ 415B1326C40A2E1F251A3845B9C7DF31, D7BD668962B71DC3877366EB0C0BD5CDB1FF564A5866EE58DB90838D78227AD6 ] SFEP            C:\Windows\System32\drivers\SFEP.sys
18:34:52.0211 0x0ad0  SFEP - ok
18:34:52.0227 0x0ad0  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
18:34:52.0227 0x0ad0  sfloppy - ok
18:34:52.0305 0x0ad0  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:34:52.0320 0x0ad0  SharedAccess - ok
18:34:52.0383 0x0ad0  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:34:52.0399 0x0ad0  ShellHWDetection - ok
18:34:52.0414 0x0ad0  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:34:52.0414 0x0ad0  SiSRaid2 - ok
18:34:52.0430 0x0ad0  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:34:52.0430 0x0ad0  SiSRaid4 - ok
18:34:52.0570 0x0ad0  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:34:52.0570 0x0ad0  SkypeUpdate - ok
18:34:52.0602 0x0ad0  [ 31EB63D59A3B097E12D07FAFD2D7A959, 8C0FC4123CB818C6C22C25C8A305B6ABC299E063C68ECA537F7D152AB932C97C ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
18:34:52.0602 0x0ad0  SmbDrvI - ok
18:34:52.0633 0x0ad0  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:34:52.0633 0x0ad0  SNMPTRAP - ok
18:34:52.0711 0x0ad0  [ CC7041283CE3AEC7912636F0918B5A37, E08E7AC7F84E1B7243BA9E4F75E35F26DEEB8F319AE4EF5488A007F396498987 ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
18:34:52.0727 0x0ad0  SOHCImp - ok
18:34:52.0758 0x0ad0  [ F318A96C1B42215F8A03D4325AB977AD, 21A97928B16F794E8E028A3F5B1D81180EC3884BEBD3D2B24E48D4A30BB13B72 ] SOHDms          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
18:34:52.0758 0x0ad0  SOHDms - ok
18:34:52.0774 0x0ad0  [ 91B5B1FEC3F396A99C2AC3C37ACF84D0, 8FD5D3617ADAA9525DFBDFFF768A36F5C44C05ABA44C784B4A24B8B2A6586913 ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
18:34:52.0774 0x0ad0  SOHDs - ok
18:34:52.0805 0x0ad0  [ AA0F913B69BCEC9655ECAAA2312B29D9, 655D6E5B36ABC1C632096243F7FF55C4168A2009A5A43C8FDA5EFA67F972ADF3 ] SOWS            C:\Windows\System32\drivers\sows.sys
18:34:52.0805 0x0ad0  SOWS - ok
18:34:52.0852 0x0ad0  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
18:34:52.0852 0x0ad0  spaceport - ok
18:34:52.0883 0x0ad0  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
18:34:52.0883 0x0ad0  SpbCx - ok
18:34:52.0945 0x0ad0  [ C03E480E63A80D73FABE28D24D3B6B47, F8C68DC63A5492587F9343158348ADD99A99AF34DC7ED29E5562EE90C0AB8F25 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
18:34:52.0945 0x0ad0  SpfService - ok
18:34:52.0992 0x0ad0  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\Windows\System32\spoolsv.exe
18:34:53.0008 0x0ad0  Spooler - ok
18:34:53.0242 0x0ad0  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\Windows\system32\sppsvc.exe
18:34:53.0320 0x0ad0  sppsvc - ok
18:34:53.0352 0x0ad0  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:34:53.0352 0x0ad0  srv - ok
18:34:53.0430 0x0ad0  [ B56A855B23676CCE05B626C6037FD02F, 3C0DCB16A96BD6A002A4FAF1AF939AF470D95137CB745F5DAD039B5D8C956E30 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:34:53.0445 0x0ad0  srv2 - ok
18:34:53.0492 0x0ad0  [ 78E9665C8DC59106D133CBEF0F0C3DE3, 380FD51EE00CEF3FFEF9BFB5E14538E084F1DDF8D8F8BCDF4EC23CB8C3A40D2F ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:34:53.0492 0x0ad0  srvnet - ok
18:34:53.0524 0x0ad0  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:34:53.0539 0x0ad0  SSDPSRV - ok
18:34:53.0539 0x0ad0  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:34:53.0555 0x0ad0  SstpSvc - ok
18:34:53.0633 0x0ad0  [ AC8B882D658AF3070167F59AE92E5CA3, 7781475B6A49DCE239FEE2B32767A7E58188EF04BC4BB29E04B40DAFD8214E85 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:34:53.0633 0x0ad0  Steam Client Service - ok
18:34:53.0664 0x0ad0  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:34:53.0664 0x0ad0  stexstor - ok
18:34:53.0695 0x0ad0  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\Windows\System32\wiaservc.dll
18:34:53.0711 0x0ad0  stisvc - ok
18:34:53.0742 0x0ad0  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\Windows\system32\drivers\storahci.sys
18:34:53.0742 0x0ad0  storahci - ok
18:34:53.0774 0x0ad0  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
18:34:53.0774 0x0ad0  storflt - ok
18:34:53.0789 0x0ad0  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\Windows\system32\storsvc.dll
18:34:53.0789 0x0ad0  StorSvc - ok

aubergine13 · 16.03.2015, 18:39

zweite Teil

Code:

ATTFilter

18:34:53.0821 0x0ad0  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:34:53.0821 0x0ad0  storvsc - ok
18:34:53.0836 0x0ad0  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\Windows\system32\svsvc.dll
18:34:53.0836 0x0ad0  svsvc - ok
18:34:53.0852 0x0ad0  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\Windows\System32\drivers\swenum.sys
18:34:53.0852 0x0ad0  swenum - ok
18:34:53.0899 0x0ad0  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\Windows\System32\swprv.dll
18:34:53.0899 0x0ad0  swprv - ok
18:34:53.0945 0x0ad0  [ 059AA9D476A71CCE202B023226B40C4A, 080F413ECB7AE1638EC99B0C5574285AC64621126C6BF1F71450A344C5BAC2C5 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:34:53.0945 0x0ad0  SynTP - ok
18:34:54.0024 0x0ad0  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain         C:\Windows\system32\sysmain.dll
18:34:54.0055 0x0ad0  SysMain - ok
18:34:54.0102 0x0ad0  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
18:34:54.0102 0x0ad0  SystemEventsBroker - ok
18:34:54.0117 0x0ad0  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
18:34:54.0133 0x0ad0  TabletInputService - ok
18:34:54.0149 0x0ad0  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:34:54.0149 0x0ad0  TapiSrv - ok
18:34:54.0258 0x0ad0  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:34:54.0305 0x0ad0  Tcpip - ok
18:34:54.0367 0x0ad0  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:34:54.0399 0x0ad0  TCPIP6 - ok
18:34:54.0461 0x0ad0  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:34:54.0461 0x0ad0  tcpipreg - ok
18:34:54.0492 0x0ad0  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:34:54.0508 0x0ad0  tdx - ok
18:34:54.0524 0x0ad0  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
18:34:54.0524 0x0ad0  terminpt - ok
18:34:54.0586 0x0ad0  [ 2B3D2FDF50EDABEBE0A9E6F741C81858, F0C3A1DC968C5D28EF68BE4352577B4F8D4B4FB6274268DCCCD8A5C132DEC2F9 ] TermService     C:\Windows\System32\termsrv.dll
18:34:54.0617 0x0ad0  TermService - ok
18:34:54.0633 0x0ad0  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll
18:34:54.0649 0x0ad0  Themes - ok
18:34:54.0680 0x0ad0  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\Windows\system32\mmcss.dll
18:34:54.0680 0x0ad0  THREADORDER - ok
18:34:54.0727 0x0ad0  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
18:34:54.0742 0x0ad0  TimeBroker - ok
18:34:54.0774 0x0ad0  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM             C:\Windows\system32\drivers\tpm.sys
18:34:54.0789 0x0ad0  TPM - ok
18:34:54.0821 0x0ad0  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll
18:34:54.0821 0x0ad0  TrkWks - ok
18:34:54.0914 0x0ad0  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:34:54.0914 0x0ad0  TrustedInstaller - ok
18:34:54.0946 0x0ad0  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:34:54.0946 0x0ad0  TsUsbFlt - ok
18:34:54.0961 0x0ad0  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
18:34:54.0961 0x0ad0  TsUsbGD - ok
18:34:54.0992 0x0ad0  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:34:54.0992 0x0ad0  tunnel - ok
18:34:55.0008 0x0ad0  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:34:55.0008 0x0ad0  uagp35 - ok
18:34:55.0024 0x0ad0  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
18:34:55.0024 0x0ad0  UASPStor - ok
18:34:55.0071 0x0ad0  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
18:34:55.0086 0x0ad0  UCX01000 - ok
18:34:55.0149 0x0ad0  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:34:55.0149 0x0ad0  udfs - ok
18:34:55.0180 0x0ad0  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:34:55.0180 0x0ad0  UI0Detect - ok
18:34:55.0211 0x0ad0  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:34:55.0211 0x0ad0  uliagpkx - ok
18:34:55.0227 0x0ad0  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\Windows\System32\drivers\umbus.sys
18:34:55.0227 0x0ad0  umbus - ok
18:34:55.0242 0x0ad0  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
18:34:55.0242 0x0ad0  UmPass - ok
18:34:55.0258 0x0ad0  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:34:55.0258 0x0ad0  UmRdpService - ok
18:34:55.0352 0x0ad0  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:34:55.0367 0x0ad0  UNS - ok
18:34:55.0399 0x0ad0  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
18:34:55.0414 0x0ad0  upnphost - ok
18:34:55.0446 0x0ad0  [ 30F02F642C2D141CAABD412B48A29D76, E94610E0CB46A9DD811AC03B028310D91E13B63A57A39749EEAC70FB5E729EE3 ] usb3Hub         C:\Windows\System32\drivers\usb3Hub.sys
18:34:55.0446 0x0ad0  usb3Hub - ok
18:34:55.0492 0x0ad0  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
18:34:55.0492 0x0ad0  USBAAPL64 - ok
18:34:55.0539 0x0ad0  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
18:34:55.0555 0x0ad0  usbccgp - ok
18:34:55.0586 0x0ad0  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\Windows\System32\drivers\usbcir.sys
18:34:55.0602 0x0ad0  usbcir - ok
18:34:55.0649 0x0ad0  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
18:34:55.0649 0x0ad0  usbehci - ok
18:34:55.0727 0x0ad0  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
18:34:55.0742 0x0ad0  usbhub - ok
18:34:55.0789 0x0ad0  [ FAAB461D5AEB21EE5FC5C0DBD6648223, 187EB7AC6CDE39621C587EB1551DBC358DE2BC7C8A4265DB817C9D6F5ADE54A3 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
18:34:55.0805 0x0ad0  USBHUB3 - ok
18:34:55.0867 0x0ad0  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
18:34:55.0883 0x0ad0  usbohci - ok
18:34:55.0914 0x0ad0  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
18:34:55.0914 0x0ad0  usbprint - ok
18:34:55.0961 0x0ad0  [ AD91D1BBE5D3CF4501887DC1C09384FD, ED9E27CD1D52401087427EC20E389FBE2497193483C2E53E8DE5D70DACF5D928 ] usbscan         C:\Windows\System32\drivers\usbscan.sys
18:34:55.0961 0x0ad0  usbscan - ok
18:34:55.0992 0x0ad0  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
18:34:55.0992 0x0ad0  USBSTOR - ok
18:34:56.0039 0x0ad0  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
18:34:56.0039 0x0ad0  usbuhci - ok
18:34:56.0086 0x0ad0  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:34:56.0086 0x0ad0  usbvideo - ok
18:34:56.0133 0x0ad0  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
18:34:56.0149 0x0ad0  USBXHCI - ok
18:34:56.0274 0x0ad0  [ 34349E7B488FA61B639117F6BF1EBF99, A7A7E60511F7D6370473D41867F5323695308CC27D3EEB0286687D3A9E0084E9 ] USER_ESRV_SVC   C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
18:34:56.0274 0x0ad0  USER_ESRV_SVC - ok
18:34:56.0368 0x0ad0  [ A3C75F5220CAB16A29784433DC241A5B, A9F283114388D02AD20298B7C74367E70FE457FF03B9544A00DBB8A45C68965F ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
18:34:56.0368 0x0ad0  VAIO Event Service - ok
18:34:56.0430 0x0ad0  [ 8EF62038EBD54C240486A36F9259C64A, D2EA5718C13D5E62DCA06013E67E651847172950ED7ED7CA7C25CC8422D54260 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
18:34:56.0446 0x0ad0  VAIO Power Management - ok
18:34:56.0461 0x0ad0  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\Windows\system32\lsass.exe
18:34:56.0461 0x0ad0  VaultSvc - ok
18:34:56.0555 0x0ad0  [ 5B9E9B509770422967D2126E7D4F01EA, 085FCD962AA02144C13F352A0E2DC0B2F3D5C6C22485101DB8E83920DCB23C0B ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
18:34:56.0571 0x0ad0  VCFw - ok
18:34:56.0602 0x0ad0  [ 0D53D30C8473EEDC1757FDA3C511103B, 54E1AE2CCD71AD446F373DD8E19382D81CA2BC9AEEE326CF5BF020AD3C5F58AB ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
18:34:56.0602 0x0ad0  VCService - ok
18:34:56.0618 0x0ad0  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:34:56.0618 0x0ad0  vdrvroot - ok
18:34:56.0696 0x0ad0  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\Windows\System32\vds.exe
18:34:56.0711 0x0ad0  vds - ok
18:34:56.0727 0x0ad0  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
18:34:56.0727 0x0ad0  VerifierExt - ok
18:34:56.0758 0x0ad0  [ D4051AA2ACD38AABF9DEC24B8A331EB1, 377D5DD98E4E09F3CCC330852F9FD9E4CC2069AE1A1C1AFBC90002FE3101708B ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
18:34:56.0774 0x0ad0  vhdmp - ok
18:34:56.0821 0x0ad0  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:34:56.0821 0x0ad0  viaide - ok
18:34:56.0836 0x0ad0  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:34:56.0836 0x0ad0  vmbus - ok
18:34:56.0852 0x0ad0  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
18:34:56.0852 0x0ad0  VMBusHID - ok
18:34:56.0883 0x0ad0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
18:34:56.0883 0x0ad0  vmicheartbeat - ok
18:34:56.0899 0x0ad0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
18:34:56.0899 0x0ad0  vmickvpexchange - ok
18:34:56.0914 0x0ad0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\Windows\System32\ICSvc.dll
18:34:56.0930 0x0ad0  vmicrdv - ok
18:34:56.0930 0x0ad0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
18:34:56.0946 0x0ad0  vmicshutdown - ok
18:34:56.0946 0x0ad0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
18:34:56.0961 0x0ad0  vmictimesync - ok
18:34:56.0977 0x0ad0  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\Windows\System32\ICSvc.dll
18:34:56.0977 0x0ad0  vmicvss - ok
18:34:57.0008 0x0ad0  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:34:57.0008 0x0ad0  volmgr - ok
18:34:57.0024 0x0ad0  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:34:57.0024 0x0ad0  volmgrx - ok
18:34:57.0071 0x0ad0  [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:34:57.0071 0x0ad0  volsnap - ok
18:34:57.0086 0x0ad0  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
18:34:57.0086 0x0ad0  vpci - ok
18:34:57.0180 0x0ad0  [ 1329F6DF192EAC74FABE6C9BD399A474, F13D4777C2E14F06E20B6E94738ADB7BB3E6255EEA3F9D29B048CDC27D7F7618 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
18:34:57.0211 0x0ad0  vpnagent - ok
18:34:57.0258 0x0ad0  [ 5B3644AB5E8E210F60869EA6895DE822, 0D713C1C92E73BE8886DD1E9D5D37721427598B3B8DD93B30E522B0825E2082E ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys
18:34:57.0274 0x0ad0  vpnva - ok
18:34:57.0305 0x0ad0  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:34:57.0305 0x0ad0  vsmraid - ok
18:34:57.0414 0x0ad0  [ FE37051171F3B90B18037FDBAC5B9D76, F220D71512E059F298F3CD958D69BE7225A8E8D492387347E75A0E615159782A ] VSS             C:\Windows\system32\vssvc.exe
18:34:57.0446 0x0ad0  VSS - ok
18:34:57.0477 0x0ad0  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
18:34:57.0477 0x0ad0  VSTXRAID - ok
18:34:57.0602 0x0ad0  [ C1FAE2E81955DCCD79034A23EC4F3F37, 61B6477C6068B5542D3EE9C6336FBD7589F1CFFD3E850473A539619033533286 ] VUAgent         C:\Program Files\Sony\VAIO Update\VUAgent.exe
18:34:57.0633 0x0ad0  VUAgent - ok
18:34:57.0649 0x0ad0  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:34:57.0649 0x0ad0  vwifibus - ok
18:34:57.0664 0x0ad0  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:34:57.0664 0x0ad0  vwififlt - ok
18:34:57.0680 0x0ad0  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:34:57.0680 0x0ad0  vwifimp - ok
18:34:57.0711 0x0ad0  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\Windows\system32\w32time.dll
18:34:57.0727 0x0ad0  W32Time - ok
18:34:57.0743 0x0ad0  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
18:34:57.0743 0x0ad0  WacomPen - ok
18:34:57.0774 0x0ad0  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
18:34:57.0789 0x0ad0  Wanarp - ok
18:34:57.0789 0x0ad0  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:34:57.0789 0x0ad0  Wanarpv6 - ok
18:34:57.0868 0x0ad0  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
18:34:57.0899 0x0ad0  wbengine - ok
18:34:57.0930 0x0ad0  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:34:57.0930 0x0ad0  WbioSrvc - ok
18:34:57.0977 0x0ad0  [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
18:34:57.0993 0x0ad0  Wcmsvc - ok
18:34:58.0055 0x0ad0  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:34:58.0086 0x0ad0  wcncsvc - ok
18:34:58.0102 0x0ad0  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:34:58.0118 0x0ad0  WcsPlugInService - ok
18:34:58.0133 0x0ad0  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
18:34:58.0133 0x0ad0  Wd - ok
18:34:58.0243 0x0ad0  [ 502FA6BD01D9141D34C2FCA8F8726E3F, 078D88854404F989445725B3693F1B22B8C25F5DCCD9AD5B15AE0E6521FB04D7 ] WDBackup        C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
18:34:58.0258 0x0ad0  WDBackup - ok
18:34:58.0305 0x0ad0  [ B7FD627AAE8E95848BFEC437C923A87E, 26188FC7E86AD9B92FB732DD3EC5E8EAB18EB52B21E854B27798EC08C49167D8 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
18:34:58.0305 0x0ad0  WdBoot - ok
18:34:58.0336 0x0ad0  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\System32\drivers\wdcsam64.sys
18:34:58.0336 0x0ad0  WDC_SAM - ok
18:34:58.0430 0x0ad0  [ 334E5ED94D3FAFF3C44F4D36B1FE1C90, 3B409603754E74077CEE09125D691BE75DA2A6220EF744446E388BF89FD9313B ] WDDMService     C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
18:34:58.0430 0x0ad0  WDDMService - ok
18:34:58.0524 0x0ad0  [ 28E0104D77501C8576BC4F32BB73CE9F, 120E0C17443CB687A538D0EA75D5CAC8F8E44A70FADCAF9B2395C061D817B695 ] WDDriveService  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
18:34:58.0524 0x0ad0  WDDriveService - ok
18:34:58.0602 0x0ad0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:34:58.0618 0x0ad0  Wdf01000 - ok
18:34:58.0665 0x0ad0  [ FAC362ED29713A535C6E2EEFFA5B4733, C4AF6C5A74389F9F51668433D4478806016C4913CB241F77513601803D532EC0 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
18:34:58.0665 0x0ad0  WdFilter - ok
18:34:58.0696 0x0ad0  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:34:58.0696 0x0ad0  WdiServiceHost - ok
18:34:58.0696 0x0ad0  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:34:58.0711 0x0ad0  WdiSystemHost - ok
18:34:58.0774 0x0ad0  [ 138AB06ADBBF300AA804D7974A5AEC82, 61A99CB8176C291E858F9D964A9B2EC36970F3BFFF3D5F933A16E9B28BF922DD ] WDSmartWareBackgroundService C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
18:34:58.0790 0x0ad0  WDSmartWareBackgroundService - ok
18:34:58.0836 0x0ad0  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\Windows\System32\webclnt.dll
18:34:58.0836 0x0ad0  WebClient - ok
18:34:58.0868 0x0ad0  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:34:58.0883 0x0ad0  Wecsvc - ok
18:34:58.0899 0x0ad0  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:34:58.0899 0x0ad0  wercplsupport - ok
18:34:58.0946 0x0ad0  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:34:58.0946 0x0ad0  WerSvc - ok
18:34:58.0993 0x0ad0  [ 8FDA12E934C7BB7CC317F90FC70DC4FC, AA0DA063BCE5692DFD46F0AAE07727B38D4AA87A9BAEBAFF137F9CAAF2808EC0 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
18:34:58.0993 0x0ad0  WFPLWFS - ok
18:34:59.0008 0x0ad0  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
18:34:59.0024 0x0ad0  WiaRpc - ok
18:34:59.0055 0x0ad0  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:34:59.0055 0x0ad0  WIMMount - ok
18:34:59.0071 0x0ad0  WinDefend - ok
18:34:59.0149 0x0ad0  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
18:34:59.0180 0x0ad0  WinHttpAutoProxySvc - ok
18:34:59.0227 0x0ad0  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:34:59.0243 0x0ad0  Winmgmt - ok
18:34:59.0383 0x0ad0  [ 89DA335401D956F2696E35A38817BE19, D5A8D5C0BE285564AB0DF1B4594FE612359C72BE3B64063C3460BB73AA34F413 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:34:59.0430 0x0ad0  WinRM - ok
18:34:59.0493 0x0ad0  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:34:59.0493 0x0ad0  WinUsb - ok
18:34:59.0665 0x0ad0  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\Windows\System32\wlansvc.dll
18:34:59.0680 0x0ad0  WlanSvc - ok
18:34:59.0883 0x0ad0  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
18:34:59.0915 0x0ad0  wlidsvc - ok
18:34:59.0946 0x0ad0  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
18:34:59.0946 0x0ad0  WmiAcpi - ok
18:34:59.0961 0x0ad0  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:34:59.0961 0x0ad0  wmiApSrv - ok
18:34:59.0977 0x0ad0  WMPNetworkSvc - ok
18:34:59.0993 0x0ad0  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
18:34:59.0993 0x0ad0  wpcfltr - ok
18:35:00.0024 0x0ad0  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:35:00.0040 0x0ad0  WPCSvc - ok
18:35:00.0071 0x0ad0  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:35:00.0071 0x0ad0  WPDBusEnum - ok
18:35:00.0086 0x0ad0  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
18:35:00.0086 0x0ad0  WpdUpFltr - ok
18:35:00.0133 0x0ad0  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:35:00.0133 0x0ad0  ws2ifsl - ok
18:35:00.0180 0x0ad0  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\System32\wscsvc.dll
18:35:00.0180 0x0ad0  wscsvc - ok
18:35:00.0196 0x0ad0  WSearch - ok
18:35:00.0321 0x0ad0  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\Windows\System32\WSService.dll
18:35:00.0368 0x0ad0  WSService - ok
18:35:00.0508 0x0ad0  [ C5B45464B98F211FE58AEE62CFF21F05, A0AB6142F35707102B75C9C29A749C7EB12CB6F5E85E6BA67C5B961AF7EB3BE8 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:35:00.0555 0x0ad0  wuauserv - ok
18:35:00.0571 0x0ad0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:35:00.0586 0x0ad0  WudfPf - ok
18:35:00.0602 0x0ad0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
18:35:00.0602 0x0ad0  WUDFRd - ok
18:35:00.0618 0x0ad0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
18:35:00.0633 0x0ad0  WUDFSensorLP - ok
18:35:00.0665 0x0ad0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:35:00.0665 0x0ad0  wudfsvc - ok
18:35:00.0696 0x0ad0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
18:35:00.0696 0x0ad0  WUDFWpdFs - ok
18:35:00.0711 0x0ad0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
18:35:00.0711 0x0ad0  WUDFWpdMtp - ok
18:35:00.0758 0x0ad0  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:35:00.0774 0x0ad0  WwanSvc - ok
18:35:00.0821 0x0ad0  [ 6FDEE5E0741A3FFA5E5772C6C94E3F64, 859EBC7F8FF3CE9F3301B5BF93CF0C84C2A4271F205B67D9B8DC463DC67DE661 ] XHCIPort        C:\Windows\System32\drivers\XHCIPort.sys
18:35:00.0821 0x0ad0  XHCIPort - ok
18:35:00.0930 0x0ad0  [ 7055B389BD0DA0B19236BF43CDDF0E1A, AC9A47C4E5C87A29951993EA4D23CF9E159681DCEE60BBF2350DBB9AA5AAFA21 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
18:35:00.0961 0x0ad0  ZeroConfigService - ok
18:35:00.0977 0x0ad0  ================ Scan global ===============================
18:35:01.0024 0x0ad0  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
18:35:01.0071 0x0ad0  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
18:35:01.0118 0x0ad0  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
18:35:01.0149 0x0ad0  [ B6AEF1771CCA54B67DA4932753F74124, 83A353CAC6111C16EB880345E7D89DC9D56F0A3C79F854A4BB7DBABF7270C29F ] C:\Windows\system32\services.exe
18:35:01.0149 0x0ad0  [ Global ] - ok
18:35:01.0165 0x0ad0  ================ Scan MBR ==================================
18:35:01.0165 0x0ad0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:35:01.0180 0x0ad0  \Device\Harddisk0\DR0 - ok
18:35:01.0180 0x0ad0  ================ Scan VBR ==================================
18:35:01.0196 0x0ad0  [ 067A2B545D22B7B4BE0A3C9682FCA317 ] \Device\Harddisk0\DR0\Partition1
18:35:01.0227 0x0ad0  \Device\Harddisk0\DR0\Partition1 - ok
18:35:01.0258 0x0ad0  [ 97FC8267381056805B31BB20B5305AF0 ] \Device\Harddisk0\DR0\Partition2
18:35:01.0274 0x0ad0  \Device\Harddisk0\DR0\Partition2 - ok
18:35:01.0290 0x0ad0  [ 99A682AEB5863E5504A76C091C906764 ] \Device\Harddisk0\DR0\Partition3
18:35:01.0305 0x0ad0  \Device\Harddisk0\DR0\Partition3 - ok
18:35:01.0321 0x0ad0  [ 80879C1D0C3BE206CEB3CA9846556C72 ] \Device\Harddisk0\DR0\Partition4
18:35:01.0321 0x0ad0  \Device\Harddisk0\DR0\Partition4 - ok
18:35:01.0352 0x0ad0  [ 1B092FC7E68B52CB72F3EEFD0C0EF2B7 ] \Device\Harddisk0\DR0\Partition5
18:35:01.0383 0x0ad0  \Device\Harddisk0\DR0\Partition5 - ok
18:35:01.0430 0x0ad0  [ 9BA934ACDD18534837258F90F8081584 ] \Device\Harddisk0\DR0\Partition6
18:35:01.0493 0x0ad0  \Device\Harddisk0\DR0\Partition6 - ok
18:35:01.0524 0x0ad0  [ D8FBE4AD38F6516FE432ECE83AABD6F5 ] \Device\Harddisk0\DR0\Partition7
18:35:01.0587 0x0ad0  \Device\Harddisk0\DR0\Partition7 - ok
18:35:01.0587 0x0ad0  ================ Scan generic autorun ======================
18:35:01.0758 0x0ad0  [ 1FE78C8195F83A3CEC049BD00153CDCD, C4D54D264769CA01C6563273C21ADD7886E0849BF2827F85AE663182DCB7653A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:35:01.0774 0x0ad0  RtHDVBg_Dolby - ok
18:35:01.0805 0x0ad0  [ 1FE78C8195F83A3CEC049BD00153CDCD, C4D54D264769CA01C6563273C21ADD7886E0849BF2827F85AE663182DCB7653A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:35:01.0821 0x0ad0  RtHDVBg - ok
18:35:01.0821 0x0ad0  BTMTrayAgent - ok
18:35:01.0821 0x0ad0  SynTPEnh - ok
18:35:01.0852 0x0ad0  [ 7FD9842F81FA7DF4F9FCA7881C976EBE, E55268F8AB9A904A03A928B61F7B21B484DA8EE8901D01EB8E4DBA4FBBDD3F22 ] C:\Windows\system32\igfxtray.exe
18:35:01.0852 0x0ad0  IgfxTray - ok
18:35:01.0883 0x0ad0  [ D6D38096A46B18E8F3E9D45B4CA38349, F379F6E793220EDAA50FFD9B56D054D4FABB77027F596D051469AE060BAEC0EA ] C:\Windows\system32\hkcmd.exe
18:35:01.0883 0x0ad0  HotKeysCmds - ok
18:35:01.0915 0x0ad0  [ BB8F9CEA82D09F5375FC3A62B9F54ED1, 53F44CD39C8021E050EA103383EFE629553CEBE392482A3E664A18D6D1AC8347 ] C:\Windows\system32\igfxpers.exe
18:35:01.0915 0x0ad0  Persistence - ok
18:35:01.0946 0x0ad0  [ 2E2F360FF158A67F8128EFAAF974189C, 5EDAAF7CCF381B5E767030F2DC52C37F972C4EA36F33BD7D9C422F74AF232DDD ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
18:35:01.0962 0x0ad0  ISBMgr.exe - ok
18:35:02.0024 0x0ad0  [ F4FEC311177C29BF7FF3A1B6002B3B64, A51312B76D0187BF729BE75A3AA404F3EFDA25B33DBC2D2B1B6218ECEC4E8429 ] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
18:35:02.0024 0x0ad0  Adobe Reader Speed Launcher - ok
18:35:02.0102 0x0ad0  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:35:02.0118 0x0ad0  Adobe ARM - ok
18:35:02.0165 0x0ad0  [ D5AA702664BA73DF84AC5C7FCA0C1C18, 246AFF395F08C202498224E7F20DC9E769E61B7E234EBFE207758AD805AA7B9E ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
18:35:02.0165 0x0ad0  Intel AppUp(SM) center - ok
18:35:02.0243 0x0ad0  [ CE0DC55056F1C06A149C0190892AB045, 9876836E9845D714148A99DA5C23BF0EA290EC47F4462353C3573087EA282023 ] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
18:35:02.0243 0x0ad0  mcpltui_exe - ok
18:35:02.0274 0x0ad0  [ 21EF7690E40D0749302785BE795D3374, A84E15AF1D0D8D32AE5B24F6A210A106453A695EF0E8C65DE9E86518397EEE1C ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe
18:35:02.0274 0x0ad0  AVP - ok
18:35:02.0430 0x0ad0  [ 081E2D5A7875895A4A857B3DA8335695, 48D7968F2B6397B4090C4D6DCB3288041A92BF8207CD4AE807E66BCFC7DC7466 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
18:35:02.0462 0x0ad0  StartCCC - ok
18:35:02.0540 0x0ad0  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
18:35:02.0540 0x0ad0  GrooveMonitor - ok
18:35:02.0696 0x0ad0  [ 8EB3B50EB548BCF1B5AB68848519BBE0, 24213CD0099EB6319A3F667777A07BAF6A321036586B8DF2AF3B183141380509 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
18:35:02.0696 0x0ad0  Cisco AnyConnect Secure Mobility Agent for Windows - ok
18:35:02.0758 0x0ad0  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:35:02.0758 0x0ad0  APSDaemon - ok
18:35:02.0821 0x0ad0  [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:35:02.0821 0x0ad0  SunJavaUpdateSched - ok
18:35:02.0899 0x0ad0  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:35:02.0899 0x0ad0  iTunesHelper - ok
18:35:03.0133 0x0ad0  [ 36CD605A0DDAFCBC3882B3B3152D5564, 0CD799F2E534D63B6D93D2A7534AD078FE14714F923D158DFEF74C4DD0E5021E ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
18:35:03.0227 0x0ad0  WD Quick View - ok
18:35:03.0305 0x0ad0  Skype - ok
18:35:03.0509 0x0ad0  [ 2EC58592401DF51E46BF79523A5E35F2, 2B3CFC4FD12D2C1DF33E7F815F4453FDBDF4C6672BFE32D038CED0F16398EB46 ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe
18:35:03.0524 0x0ad0  FlashPlayerUpdate - ok
18:35:03.0712 0x0ad0  [ 4981B0B81D85F693B3E9B2C40FA7F64B, 5908089FA024D4FAE3AABB033C56F44D34F6DD0B30A8A69E3E51586D4B42A289 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE
18:35:03.0712 0x0ad0  EPSON Stylus DX6000 Series - ok
18:35:03.0712 0x0ad0  Waiting for KSN requests completion. In queue: 170
18:35:04.0728 0x0ad0  Waiting for KSN requests completion. In queue: 170
18:35:05.0743 0x0ad0  Waiting for KSN requests completion. In queue: 170
18:35:06.0774 0x0ad0  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmiav.exe ( 13.0.1.4190 ), 0x41000 ( enabled : updated )
18:35:06.0774 0x0ad0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
18:35:06.0774 0x0ad0  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmifw.exe ( 13.0.1.4190 ), 0x41010 ( enabled )
18:35:09.0214 0x0ad0  ============================================================
18:35:09.0214 0x0ad0  Scan finished
18:35:09.0214 0x0ad0  ============================================================
18:35:09.0214 0x1dac  Detected object count: 0
18:35:09.0214 0x1dac  Actual detected object count: 0

Vielen Dank nochmal!

schrauber · 17.03.2015, 07:33

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

aubergine13 · 18.03.2015, 08:05

mbam

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 17.03.2015
Suchlauf-Zeit: 18:14:07
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.03.17.06
Rootkit Datenbank: v2015.02.25.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Sony

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 417120
Verstrichene Zeit: 31 Min, 42 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 16
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [306ae85e92f8d462482886d5f2119967], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [306ae85e92f8d462482886d5f2119967], 
PUP.Optional.Snapdo.T, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [1e7c6bdb51399a9c27d0ed714eb5e51b], 
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [1e7c6bdb51399a9c27d0ed714eb5e51b], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [d2c887bfe3a7ed497690b66c40c3f709], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [f2a80d390981c076d680d8095da6ae52], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\eooncjejnppfjjklapaamhcdmjbilmde, In Quarantäne, [0a9064e2cebc5dd93deeac2008fb59a7], 
PUP.Optional.M2KDownloader.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\lbbbdmbjkgojacipgefbifkiebpcdjhn, In Quarantäne, [9604281e3b4f7eb8c574219d5ca727d9], 
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, In Quarantäne, [5a40083eb2d8a591884125ef18ed3ec2], 
PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BabylonToolbar, In Quarantäne, [aaf08cbaa8e224120b0d7e99a164827e], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, In Quarantäne, [fc9e8cbaa1e91620cf89ac6715f00df3], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [aeeccd79addd4ee8114653c0ea1b916f], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, In Quarantäne, [e0ba0a3c97f33ff775e6b262fd08b947], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [8e0c61e5e9a148eef3acb548778c7c84], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [4f4be85ef09a8ea8cab1819248bdcf31], 
PUP.Optional.SnapDo.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, In Quarantäne, [5f3bd670860435011079dd209073e11f], 

Registrierungswerte: 5
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [2f6b1333d9b16cca3f6bf9d4af5415eb]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [dac01a2ce2a8fd3995155f6ebb48a858]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0N2X1N, In Quarantäne, [4f4be85ef09a8ea8cab1819248bdcf31]
PUP.Optional.Snapdo.T, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [1189192df4964beb4f9020b6689b29d7]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-4200808153-2432618595-1589944039-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, SnapdoSoftonicYB, In Quarantäne, [5f3bd670860435011079dd209073e11f]

Registrierungsdaten: 1
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=AT&userid=2992410f-63c4-43a7-81b8-b455226ebeb6&searchtype=ds&q={searchTerms}&installDate=14/08/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=AT&userid=2992410f-63c4-43a7-81b8-b455226ebeb6&searchtype=ds&q={searchTerms}&installDate=14/08/2013),Ersetzt,[f9a165e1e8a2ea4c6711ca1639ccba46]

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 2
PUP.Optional.BabSolution.A, C:\Users\Sony\AppData\Roaming\BabSolution\Shared\BUSolution.dll, In Quarantäne, [1981172feb9f171f9b9497a125dcdd23], 
PUP.Optional.Babylon.A, C:\Windows\System32\Tasks\EPUpdater, In Quarantäne, [b6e4a6a07416e2548de789521de66c94], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

AdwCleaner

Code:

ATTFilter

# AdwCleaner v4.112 - Bericht erstellt 17/03/2015 um 19:11:00
# Aktualisiert 09/03/2015 von Xplode
# Datenbank : 2015-03-15.1 [Server]
# Betriebssystem : Windows 8  (x64)
# Benutzername : Sony - VAIO
# Gestarted von : C:\Users\Sony\Downloads\AdwCleaner_4.112.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Sony\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Sony\AppData\Local\Hola
Ordner Gelöscht : C:\Users\Sony\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Sony\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Sony\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com

***** [ Geplante Tasks ] *****

Task Gelöscht : EPUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\5b53d6dae63bb914
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Internetbrowser ] *****

-\\ Internet Explorer v10.0.9200.17267


-\\ Mozilla Firefox v36.0.1 (x86 de)


-\\ Google Chrome v41.0.2272.89


*************************

AdwCleaner[R0].txt - [2800 Bytes] - [17/03/2015 19:08:21]
AdwCleaner[S0].txt - [2601 Bytes] - [17/03/2015 19:11:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2660  Bytes] ##########

JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.5 (03.17.2015:1)
OS: Windows 8 x64
Ran by Sony on 17.03.2015 at 22:00:53,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.03.2015 at  2:05:59,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sony (administrator) on VAIO on 18-03-2015 07:52:39
Running from C:\Users\Sony\Desktop
Loaded Profiles: Sony (Available profiles: Sony & Gast)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2013-05-04] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-06-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-12-02] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\MountPoints2: {3a0d5222-d80e-11e3-bf34-84a6c876074f} - "E:\OpenFiles.exe" 
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\MountPoints2: {7493dba2-b57b-11e2-beda-84a6c876074f} - "F:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume14autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-29] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-29] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-23] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-23] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-10] (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\fv3iurqu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-09-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-23] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-05-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4200808153-2432618595-1589944039-1001: @hola.org/vlc,version=1.7.49 -> C:\Users\Sony\AppData\Local\Hola\firefox\app\vlc [2015-03-17] ()
FF Extension: Hola Better Internet - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\fv3iurqu.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-02-27]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Kaspersky виртуелна тастатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Profile: C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30]
CHR Extension: (Google Docs) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30]
CHR Extension: (Google Drive) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (YouTube) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30]
CHR Extension: (Google Search) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-01-30]
CHR Extension: (Google Sheets) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Kaspersky Protection) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Gmail) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]
CHR Extension: (Anti-Banner) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-01-30]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-13] (Kaspersky Lab ZAO)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-06-22] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-06-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1642544 2014-02-28] (Sony Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [129536 2009-11-13] (WDC) [File not signed]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
S2 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-08-22] (Advanced Micro Devices, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132480 2012-10-01] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1337216 2012-10-01] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-10] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-05-23] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [627296 2014-05-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-12-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-10-13] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-13] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-04] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [177864 2015-02-17] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-10-10] (Intel Corporation)
R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-23] (REDC)
R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-23] (REDC)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-25] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-06-19] (Cisco Systems, Inc.)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-18 07:52 - 2015-03-18 07:53 - 00027900 _____ () C:\Users\Sony\Desktop\FRST.txt
2015-03-18 07:42 - 2015-03-18 07:42 - 00000611 _____ () C:\Users\Sony\Desktop\JRT3.txt
2015-03-17 19:54 - 2015-03-17 19:54 - 01388672 _____ (Thisisu) C:\Users\Sony\Desktop\JRT.exe
2015-03-17 19:23 - 2015-03-17 19:23 - 00000000 ____D () C:\Users\Sony\AppData\Local\Hola
2015-03-17 19:13 - 2015-03-17 19:13 - 00002756 _____ () C:\Users\Sony\Desktop\AdwCleaner[S0].txt
2015-03-17 19:08 - 2015-03-17 19:11 - 00000000 ____D () C:\AdwCleaner
2015-03-17 19:07 - 2015-03-17 19:07 - 02171392 _____ () C:\Users\Sony\Downloads\AdwCleaner_4.112.exe
2015-03-17 19:06 - 2015-03-17 19:06 - 00005886 _____ () C:\Users\Sony\Desktop\mbam.txt
2015-03-17 18:12 - 2015-03-17 18:12 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-17 18:12 - 2015-03-17 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-17 18:12 - 2015-03-17 18:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-17 18:12 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-17 18:12 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-17 18:09 - 2015-03-17 18:10 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Sony\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-17 06:57 - 2015-03-17 06:57 - 00431664 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-16 18:14 - 2015-03-16 18:14 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sony\Desktop\tdsskiller.exe
2015-03-16 17:06 - 2015-02-23 11:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-16 17:06 - 2015-02-23 11:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-16 17:06 - 2015-02-23 11:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-16 17:06 - 2015-02-23 11:51 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-03-16 17:06 - 2015-02-23 11:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-16 17:06 - 2015-02-23 11:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-16 17:06 - 2015-02-23 11:51 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-16 17:06 - 2015-02-23 11:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-16 17:06 - 2015-02-23 11:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-16 17:06 - 2015-02-23 10:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-16 17:06 - 2015-02-23 10:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-03-16 17:06 - 2015-02-23 09:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-16 17:06 - 2015-02-21 06:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-16 17:06 - 2015-02-21 06:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-16 17:06 - 2015-02-21 06:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-16 17:06 - 2015-02-21 06:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-16 17:06 - 2015-02-21 06:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-16 17:06 - 2015-02-21 06:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-16 17:06 - 2015-02-21 06:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-16 17:06 - 2015-02-21 06:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-16 17:06 - 2015-02-21 06:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-16 17:06 - 2015-02-21 06:07 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-03-16 17:06 - 2015-02-21 05:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-16 17:06 - 2015-02-21 04:00 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-03-16 17:06 - 2015-02-20 14:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-16 17:06 - 2015-02-20 12:56 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-16 17:06 - 2015-02-20 09:10 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-16 17:06 - 2015-02-20 08:24 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-16 17:06 - 2015-01-29 09:45 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-16 17:06 - 2015-01-29 09:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-16 17:06 - 2015-01-29 07:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-16 17:06 - 2015-01-24 07:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-16 17:06 - 2015-01-24 06:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-16 17:05 - 2015-03-06 08:39 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-16 17:05 - 2015-03-06 08:39 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-16 17:05 - 2015-03-06 06:48 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-16 17:05 - 2015-03-06 06:48 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-16 17:05 - 2015-02-26 05:35 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-16 17:05 - 2015-02-03 00:18 - 00569712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-16 17:04 - 2015-02-17 07:54 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-16 17:04 - 2015-02-17 06:13 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-16 17:04 - 2015-01-31 14:48 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-16 17:04 - 2015-01-31 06:55 - 00275712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-16 17:04 - 2015-01-24 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-16 17:04 - 2015-01-24 06:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-16 17:04 - 2015-01-24 05:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-16 17:04 - 2015-01-20 07:41 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-16 17:04 - 2015-01-20 06:10 - 00892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-16 17:03 - 2015-02-13 00:18 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-16 15:25 - 2015-03-17 18:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-16 15:24 - 2015-03-18 02:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-16 15:24 - 2015-03-16 15:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-16 15:23 - 2015-03-16 15:59 - 00000000 ____D () C:\Users\Sony\Desktop\mbar
2015-03-16 15:23 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-16 15:22 - 2015-03-16 15:22 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sony\Downloads\mbar-1.09.1.1004.exe
2015-03-16 13:23 - 2015-03-16 13:23 - 00380416 _____ () C:\Users\Sony\Desktop\Gmer-19357.exe
2015-03-16 13:23 - 2015-03-16 13:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-16 13:15 - 2015-03-16 13:15 - 00000000 ____D () C:\Users\Sony\Downloads\FRST-OlderVersion
2015-03-16 13:09 - 2015-03-16 13:11 - 00000470 _____ () C:\Users\Sony\Downloads\defogger_disable.log
2015-03-16 13:09 - 2015-03-16 13:09 - 00000000 _____ () C:\Users\Sony\defogger_reenable
2015-03-16 12:09 - 2015-03-16 12:09 - 00050477 _____ () C:\Users\Sony\Downloads\Defogger.exe
2015-03-04 22:03 - 2015-03-16 13:19 - 00046779 _____ () C:\Users\Sony\Downloads\Addition.txt
2015-03-04 21:58 - 2015-03-16 13:19 - 00043427 _____ () C:\Users\Sony\Downloads\FRST.txt
2015-03-04 21:57 - 2015-03-18 07:52 - 00000000 ____D () C:\FRST
2015-03-04 21:57 - 2015-03-16 13:15 - 02095616 _____ (Farbar) C:\Users\Sony\Desktop\FRST64.exe
2015-03-04 21:44 - 2015-03-04 21:44 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Sony\Downloads\SpyHunter-Installer.exe
2015-03-04 20:56 - 2015-03-04 20:57 - 00013097 _____ () C:\Users\Sony\Downloads\webscr.htm
2015-02-28 00:01 - 2015-03-03 22:22 - 00000000 ____D () C:\ProgramData\Sony
2015-02-27 21:16 - 2015-02-27 21:16 - 00000000 ____D () C:\Users\Sony\Downloads\hola_firefox_ext_1.6.785_www
2015-02-27 21:15 - 2015-02-27 21:15 - 00986085 _____ () C:\Users\Sony\Downloads\hola_firefox_ext_1.6.785_www.zip
2015-02-27 21:14 - 2015-02-27 21:14 - 00000000 ____D () C:\Users\Sony\AppData\Local\Macromedia
2015-02-27 21:12 - 2015-03-16 22:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-27 21:12 - 2015-03-03 22:22 - 00000000 ____D () C:\Users\Sony\AppData\Local\Mozilla
2015-02-27 21:12 - 2015-02-27 21:12 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-27 21:12 - 2015-02-27 21:12 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-27 21:12 - 2015-02-27 21:12 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-27 21:11 - 2015-02-27 21:11 - 00243576 _____ () C:\Users\Sony\Downloads\Firefox Setup Stub 36.0.exe
2015-02-26 08:19 - 2015-01-09 07:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-26 08:19 - 2015-01-09 06:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-26 08:19 - 2015-01-09 00:52 - 00478296 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 08:19 - 2015-01-09 00:52 - 00478296 _____ () C:\Windows\system32\locale.nls
2015-02-25 21:50 - 2015-03-02 22:10 - 00002848 _____ () C:\Windows\DtcInstall.log
2015-02-25 21:44 - 2015-03-02 22:05 - 00006281 _____ () C:\Windows\comsetup.log
2015-02-21 18:15 - 2015-02-21 18:15 - 00000000 ____D () C:\Users\Sony\AppData\Local\Steam
2015-02-21 17:35 - 2015-03-02 22:11 - 02082155 _____ () C:\Windows\setupact.log
2015-02-21 17:35 - 2015-02-21 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-18 07:16 - 2015-02-18 07:17 - 00295296 _____ () C:\Windows\Minidump\021815-83343-01.dmp
2015-02-18 07:16 - 2015-02-18 07:16 - 515714717 _____ () C:\Windows\MEMORY.DMP

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-18 07:40 - 2014-11-07 22:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-18 07:17 - 2013-05-05 10:09 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-18 07:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-18 02:19 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2015-03-18 01:00 - 2013-05-04 16:08 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-17 19:17 - 2013-05-05 10:09 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-17 19:13 - 2015-01-21 08:14 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-03-17 19:12 - 2015-01-27 21:18 - 00002012 _____ () C:\Windows\PFRO.log
2015-03-17 19:12 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-17 19:11 - 2012-09-29 02:24 - 01532842 _____ () C:\Windows\WindowsUpdate.log
2015-03-17 18:59 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-16 22:22 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2015-03-16 22:22 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-16 22:22 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-16 22:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2015-03-16 22:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-16 22:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-16 17:34 - 2013-05-05 10:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-16 17:28 - 2013-08-15 13:25 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-16 17:18 - 2013-05-05 17:34 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-16 13:09 - 2013-01-04 13:35 - 00000000 ____D () C:\Users\Sony
2015-03-16 11:36 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-16 10:08 - 2012-09-29 02:53 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2015-03-16 10:08 - 2012-09-29 02:53 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2015-03-16 10:08 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-04 22:24 - 2014-11-17 15:48 - 00791496 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 22:24 - 2014-11-17 15:48 - 00177608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-04 21:34 - 2014-10-20 10:40 - 00000000 ____D () C:\Users\Sony\Documents\HUK24
2015-03-04 21:23 - 2014-11-21 22:57 - 00000000 ___HD () C:\$Windows.~BT
2015-03-03 22:34 - 2014-12-11 22:59 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-03 22:34 - 2014-10-31 13:12 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2015-03-03 22:34 - 2014-08-26 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-03 22:34 - 2014-07-17 19:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-03 22:34 - 2013-05-22 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-03-03 22:34 - 2013-05-22 21:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-03-03 22:34 - 2013-05-22 21:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2015-03-03 22:34 - 2013-05-10 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-03-03 22:34 - 2013-01-04 13:42 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-03 22:34 - 2013-01-04 13:42 - 00000000 ____D () C:\Users\Gast
2015-03-03 22:34 - 2013-01-04 13:36 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool
2015-03-03 22:34 - 2013-01-04 13:35 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-03 22:34 - 2012-09-29 03:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-03 22:34 - 2012-09-29 03:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2015-03-03 22:34 - 2012-09-29 02:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2015-03-03 22:34 - 2012-09-29 02:17 - 00000000 ____D () C:\Windows\SysWOW64\SDA
2015-03-03 22:34 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-03-03 22:34 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\en-GB
2015-03-03 22:34 - 2012-07-26 08:52 - 00000000 ____D () C:\Windows\ShellNew
2015-03-03 22:34 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-03-03 22:31 - 2015-01-25 19:40 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2015-03-03 22:31 - 2015-01-21 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2015-03-03 22:31 - 2015-01-01 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-03 22:31 - 2015-01-01 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-03 22:31 - 2015-01-01 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-03-03 22:31 - 2015-01-01 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-03-03 22:31 - 2014-10-31 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-03-03 22:31 - 2014-10-10 08:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-03 22:31 - 2014-05-12 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeLano Scientific
2015-03-03 22:31 - 2014-01-04 12:56 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-03 22:31 - 2014-01-02 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-03 22:31 - 2013-12-10 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-03-03 22:31 - 2013-09-29 09:27 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-03 22:31 - 2013-08-14 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-03 22:31 - 2013-06-09 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-03 22:31 - 2013-05-12 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-03-03 22:31 - 2013-05-12 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
2015-03-03 22:31 - 2013-05-10 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2015-03-03 22:31 - 2013-05-05 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChemOffice 2002
2015-03-03 22:31 - 2013-05-05 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-03 22:31 - 2012-09-29 02:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2015-03-03 22:30 - 2012-08-22 02:30 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-03 22:26 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2015-03-03 22:25 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\spool
2015-03-03 22:25 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Resources
2015-03-03 22:23 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Help
2015-03-03 22:22 - 2013-05-09 16:07 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Mozilla
2015-03-03 22:22 - 2013-05-05 10:09 - 00000000 ____D () C:\Users\Sony\AppData\Local\Google
2015-03-03 22:22 - 2013-05-04 16:08 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-03-03 22:22 - 2013-01-04 13:35 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Intel
2015-03-03 22:22 - 2012-09-29 02:49 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-03 22:22 - 2012-09-29 02:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-03-03 22:22 - 2012-09-29 02:16 - 00000000 ____D () C:\ProgramData\Intel
2015-03-03 22:22 - 2012-09-29 02:00 - 00000000 ____D () C:\ProgramData\Sony Corporation
2015-03-03 22:22 - 2012-07-26 09:12 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-03-03 22:22 - 2012-07-26 09:12 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-03-03 22:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AppCompat
2015-03-03 22:22 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-03 22:11 - 2012-09-29 04:02 - 00000000 ____D () C:\Windows\system32\%AppData%
2015-03-03 22:11 - 2012-09-29 02:52 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-03-03 22:11 - 2012-09-29 02:52 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-03-03 22:11 - 2012-09-29 02:52 - 00000000 ____D () C:\Windows\system32\WCN
2015-03-03 22:11 - 2012-08-03 03:25 - 00000000 ____D () C:\ProgramData\PRICache
2015-03-03 22:11 - 2012-07-26 09:18 - 00000000 ____D () C:\Windows\DigitalLocker
2015-03-03 22:11 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\SysWOW64\SMI
2015-03-03 21:36 - 2014-09-15 18:11 - 00000000 __SHD () C:\Recovery
2015-03-02 18:10 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-02-28 00:02 - 2012-09-29 02:54 - 00000000 ____D () C:\Program Files\Sony
2015-02-28 00:02 - 2012-09-29 02:31 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-02-27 08:24 - 2014-09-14 16:23 - 00129543 _____ () C:\Windows\diagwrn.xml
2015-02-27 08:24 - 2014-09-14 16:23 - 00129543 _____ () C:\Windows\diagerr.xml
2015-02-25 21:52 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-23 08:41 - 2014-11-10 18:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-23 08:41 - 2014-11-10 18:40 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-23 08:41 - 2014-01-02 19:00 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-22 21:10 - 2013-01-11 09:38 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4200808153-2432618595-1589944039-1001
2015-02-21 17:35 - 2012-09-29 02:07 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-02-20 11:14 - 2013-08-09 16:24 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Skype
2015-02-19 21:07 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-18 07:16 - 2013-04-20 16:23 - 00000000 ____D () C:\Windows\Minidump
2015-02-17 20:06 - 2012-08-13 15:49 - 00177864 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys

==================== Files in the root of some directories =======

2012-09-29 02:08 - 2012-09-29 02:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Sony\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.812.exe
C:\Users\Sony\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.7.49.exe
C:\Users\Sony\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.7.5.exe
C:\Users\Sony\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Sony\AppData\Local\Temp\Quarantine.exe
C:\Users\Sony\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sony\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-16 12:00

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Sony at 2015-03-18 07:53:35
Running from C:\Users\Sony\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{ECCD7F0B-2256-9B71-5B9D-3E78A4E6DF00}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
calibre (HKLM-x32\...\{C727544A-23E0-41A8-9901-2353CE3FE62A}) (Version: 2.14.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
ChemDraw Ultra 7.0 (HKLM-x32\...\{B1C145A4-E36E-4ABB-A8FA-EBD5168AFB45}) (Version: 7.0 - CambridgeSoft Corporation)
Chronicles of Albian (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04059 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04059 - Cisco Systems, Inc.) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cubic Castles (HKLM-x32\...\Steam App 317470) (Version:  - Cosmic Cow LLC)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5601.52 - CyberLink Corp.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Echoes+ (HKLM-x32\...\Steam App 338000) (Version:  - Binary Zoo)
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110 - WildTangent) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}) (Version: 2.6.1210.0278 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.3.1004 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PyMOL (HKLM-x32\...\PyMOL) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6748 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
The Way of Life (HKLM-x32\...\Steam App 310370) (Version:  - Fabio Ferrara)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.1.10180 - Sony Corporation)
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.0.08240 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WD Quick View (HKLM-x32\...\{C58994CF-D15D-41E3-A03B-587B39EAA903}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{142D42E3-07A9-4AAC-BD3B-636392891706}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital)
WD SmartWare Installer (HKLM-x32\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WildTangent Games App (x32 Version: 4.0.10.16 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent sony Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

28-02-2015 19:06:03 Windows Update
04-03-2015 06:52:00 Windows Update
16-03-2015 11:55:54 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {033926BC-D1DC-450E-A67E-CAEB44D68CBF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {08C928A8-465F-43ED-BF66-6CB787577FFD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {1821ED72-9CFE-40D5-822A-216F500107A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {209791FE-08F2-4E7B-9639-FC2E412BA8B5} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {2C5C339F-B005-4311-BC8A-B842A9F6D1A8} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3E37D3B8-949E-4204-B537-57641289C7D9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3F24E3C1-D826-4966-961F-3C7B4E6E4298} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-16] (Microsoft Corporation)
Task: {3FC01EDE-9ECC-4821-A8A4-5762C008AC35} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - \Microsoft\Windows\Live\Roaming\SynchronizeWithStorage No Task File <==== ATTENTION
Task: {502975AC-39CF-4CD2-907E-2DD781A8BB61} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {509970C4-405E-4741-99B1-30C1C19A0DB6} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {50A86B07-41BA-4A7B-BE7B-11FA3654757F} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {53535DE2-A241-4B52-9039-B586210716A9} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {598F7663-FBE5-4E62-A5FD-AE83F493E8B0} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {6348E911-629D-435B-83D2-4CE024AA9BDA} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {6F06C696-C240-4060-8BE3-33E014FE735B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {76DCFFD1-437C-4B95-BA02-E9C91512370D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {77558AC1-3E5A-4468-80C6-058C7F41C289} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {7DFE9077-11E8-4A18-8057-B0376141BDFB} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {97849117-CB78-414A-B6F3-1C0BFD082478} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - \Microsoft\Windows\Live\Roaming\MaintenanceTask No Task File <==== ATTENTION
Task: {A8411474-9BBA-4D22-9D69-AC03C0DE5BB7} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {AC7EECA3-B343-4825-8F9A-DBA52BD60DD0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {AE72F5AF-4A7E-4415-9CD2-9EE89B8D21D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {AE900FF6-533D-4B5C-B58D-72A4245C7C46} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {AEFABA6E-F5F4-4361-81C3-E5CCE28679D6} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-19] (Sony Corporation)
Task: {BE932753-C6C2-4945-90E3-6EEC8319154E} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {BEC773D4-8A54-4381-AE9E-9D6C040C6D39} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C933BDDD-5D2F-4EDC-97F5-DA56432C4456} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {CBD6F0A6-A41A-4AF6-90D2-F6163BC30FD2} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {D6898C93-2CAA-4AF4-BA4E-D3ED77D839CB} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E49BB4E5-806F-4520-8D96-1464C47E1E2C} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F224C9DF-3FE4-4822-A3B4-D77EDB241825} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {F47A67B8-AFBB-49D3-954F-B59ED9472E54} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F56253D4-6E87-4DD2-B227-612E6F364047} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {FC4F7893-A09A-413C-B16F-2CC592151936} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {FE0FF93E-8860-413E-9242-8C2ECF459C11} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-08-23 17:25 - 2012-08-22 14:05 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 10:54 - 2012-08-06 10:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-11-19 10:21 - 2013-11-19 10:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-06-19 16:00 - 2013-06-19 16:00 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-17 20:39 - 2013-05-04 16:19 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00015872 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00443904 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-09-29 02:52 - 2012-06-25 14:47 - 00060928 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2012-09-29 03:03 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-29 02:16 - 2012-07-25 03:52 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-19 10:21 - 2013-11-19 10:21 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sony\Pictures\Urlaub Malaga\Felix\CIMG9423.JPG
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WDSmartWare.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\StartupApproved\Run: => "Skype"

==================== Accounts: =============================

Administrator (S-1-5-21-4200808153-2432618595-1589944039-500 - Administrator - Disabled)
Gast (S-1-5-21-4200808153-2432618595-1589944039-501 - Limited - Disabled) => C:\Users\Gast
Sony (S-1-5-21-4200808153-2432618595-1589944039-1001 - Administrator - Enabled) => C:\Users\Sony

==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 52%
Total physical RAM: 3968.39 MB
Available physical RAM: 1875.96 MB
Total Pagefile: 8064.39 MB
Available Pagefile: 5362.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:434.36 GB) (Free:339.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4CC9783F)

Partition: GPT Partition Type.

==================== End Of Log ============================

Dankeschön

schrauber · 18.03.2015, 17:14

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

aubergine13 · 22.03.2015, 11:16

Hallo Schrauber,

Sorry für die verspätete Antwort. War die Woche über busy.

Hier kommt das ESET log-file

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6b41bfd31538d0488d52d2ef7ec2095b
# engine=22977
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-19 06:37:11
# local_time=2015-03-19 07:37:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1291 16777213 100 98 38125 81516953 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 209691 86253142 0 0
# scanned=33925
# found=1
# cleaned=0
# scan_time=821
sh=58495F0458EDDC16D9A14A6E84CEE9C61AAE5E52 ft=1 fh=85d80dff1da9eafb vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Sony\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6b41bfd31538d0488d52d2ef7ec2095b
# engine=23016
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-21 09:34:04
# local_time=2015-03-21 10:34:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1291 16777213 100 98 193955 81743566 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 10410094 51854937 0 0
# scanned=293044
# found=1
# cleaned=0
# scan_time=15699
sh=58495F0458EDDC16D9A14A6E84CEE9C61AAE5E52 ft=1 fh=85d80dff1da9eafb vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Sony\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir"

hier kommt das checkup file

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.97  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
Windows Defender              
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 71  
 Java 8 Update 31  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 	16.0.0.305  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Mozilla Firefox (36.0.3) 
 Google Chrome (41.0.2272.101) 
 Google Chrome (41.0.2272.89) 
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 2013 avp.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

FRST

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sony (administrator) on VAIO on 22-03-2015 11:11:56
Running from C:\Users\Sony\Desktop
Loaded Profiles: Sony (Available profiles: Sony & Gast)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
() C:\Users\Sony\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2013-05-04] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2015-03-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-12-02] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\MountPoints2: {7493dba2-b57b-11e2-beda-84a6c876074f} - "F:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001 -> {B2F3B569-0312-447A-8D01-175A19D55F59} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-29] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-29] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-23] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-23] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-10] (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\fv3iurqu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-09-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-23] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-05-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4200808153-2432618595-1589944039-1001: @hola.org/vlc,version=1.7.78 -> C:\Users\Sony\AppData\Local\Hola\firefox\app\vlc [2015-03-19] ()
FF Extension: Hola Better Internet - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\fv3iurqu.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-02-27]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Kaspersky виртуелна тастатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Profile: C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30]
CHR Extension: (Google Docs) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30]
CHR Extension: (Google Drive) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (YouTube) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30]
CHR Extension: (Google Search) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-01-30]
CHR Extension: (Google Sheets) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Kaspersky Protection) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Gmail) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]
CHR Extension: (Anti-Banner) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-01-30]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-13] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-25] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-06-22] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-06-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1642544 2014-02-28] (Sony Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [129536 2009-11-13] (WDC) [File not signed]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-12-02] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1337216 2012-10-01] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-10] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [627296 2014-05-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-12-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-10-13] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-13] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-04] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [177864 2015-02-17] (Kaspersky Lab ZAO)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-23] (REDC)
R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-23] (REDC)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-25] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-06-19] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 11:11 - 2015-03-22 11:11 - 00026506 _____ () C:\Users\Sony\Desktop\FRST.txt
2015-03-22 10:43 - 2015-03-22 10:43 - 00852604 _____ () C:\Users\Sony\Desktop\SecurityCheck.exe
2015-03-22 10:32 - 2015-03-22 10:32 - 00000808 _____ () C:\WINDOWS\PFRO.log
2015-03-21 10:28 - 2015-03-21 10:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-20 22:53 - 2015-03-20 22:53 - 00000797 _____ () C:\WINDOWS\setupact.log
2015-03-20 22:53 - 2015-03-20 22:53 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-20 15:22 - 2015-03-20 15:22 - 00000000 ____D () C:\Users\Sony\wekafiles
2015-03-20 13:55 - 2015-03-20 13:56 - 03082735 _____ () C:\Users\Sony\Downloads\Calibration(1).zip
2015-03-20 13:52 - 2015-03-20 14:41 - 00000254 _____ () C:\Users\Sony\.ImageJ_3D_Viewer.props
2015-03-19 17:42 - 2015-03-19 17:42 - 00000000 ____D () C:\ProgramData\ATI
2015-03-19 17:34 - 2015-03-19 17:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-03-19 17:25 - 2015-03-19 17:30 - 248442448 _____ (Sony Corporation) C:\EP0000302733.exe
2015-03-19 16:49 - 2015-03-19 16:49 - 00000885 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-03-19 16:49 - 2015-03-19 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-03-19 16:49 - 2015-03-19 16:49 - 00000000 ____D () C:\Program Files\CPUID
2015-03-19 16:47 - 2015-03-19 16:47 - 01582736 _____ ( ) C:\Users\Sony\Downloads\cpu-z_1.72_en.exe
2015-03-19 10:57 - 2015-03-19 10:57 - 00000000 ____D () C:\Users\Sony\.imagej
2015-03-19 10:52 - 2015-03-20 17:02 - 00000000 ____D () C:\Users\Sony\Desktop\fiji-win64
2015-03-19 10:48 - 2015-03-22 10:40 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{22F50FE3-B9A7-4387-B66D-928BE36B8C8F}
2015-03-19 10:48 - 2015-03-19 10:48 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieUserList
2015-03-19 10:48 - 2015-03-19 10:48 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieSiteList
2015-03-19 10:48 - 2015-03-19 10:48 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieBrowserModeList
2015-03-19 10:35 - 2015-03-19 10:35 - 00001454 _____ () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-19 10:34 - 2015-03-19 10:34 - 00000020 ___SH () C:\Users\Sony\ntuser.ini
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-03-19 10:31 - 2015-03-19 10:31 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-03-19 10:13 - 2015-03-19 10:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-03-19 10:13 - 2015-03-19 10:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-03-19 10:12 - 2015-03-19 10:12 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-19 10:02 - 2015-03-19 10:02 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-03-19 10:00 - 2015-03-20 15:22 - 00000000 ____D () C:\Users\Sony
2015-03-19 10:00 - 2015-03-19 10:31 - 00036198 _____ () C:\WINDOWS\diagwrn.xml
2015-03-19 10:00 - 2015-03-19 10:31 - 00036198 _____ () C:\WINDOWS\diagerr.xml
2015-03-19 10:00 - 2015-03-19 10:26 - 00000000 ____D () C:\Users\Gast
2015-03-19 10:00 - 2015-03-19 10:02 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-19 10:00 - 2015-03-19 10:01 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Vorlagen
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Startmenü
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Netzwerkumgebung
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Lokale Einstellungen
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Eigene Dateien
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Druckumgebung
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Documents\Eigene Musik
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Documents\Eigene Bilder
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\AppData\Local\Verlauf
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\AppData\Local\Anwendungsdaten
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Anwendungsdaten
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Vorlagen
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Lokale Einstellungen
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Eigene Dateien
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Anwendungsdaten
2015-03-19 10:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-19 10:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-19 10:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-19 10:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-19 10:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-19 10:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-19 10:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-19 10:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-19 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-19 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-19 09:49 - 2015-03-22 11:08 - 01630961 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-19 09:46 - 2015-03-19 09:46 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-03-19 09:46 - 2015-03-19 09:46 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-03-19 09:46 - 2015-03-19 09:46 - 00000000 ____D () C:\Program Files\Realtek
2015-03-19 09:45 - 2015-03-19 09:45 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-03-19 09:45 - 2015-03-19 09:45 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2015-03-19 09:45 - 2015-03-19 09:45 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-19 09:42 - 2015-03-21 12:59 - 00000000 ____D () C:\Windows.old
2015-03-19 09:42 - 2015-03-19 21:34 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-19 09:41 - 2015-03-19 09:41 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-03-19 09:38 - 2015-03-19 10:16 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-19 09:38 - 2015-03-19 09:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-03-19 09:38 - 2015-03-19 09:38 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-03-19 09:38 - 2015-03-19 09:38 - 00000000 ____D () C:\Program Files\MSBuild
2015-03-19 09:38 - 2015-03-19 09:38 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-03-19 09:37 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-03-19 09:37 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-19 09:37 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-03-19 09:37 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-03-19 09:37 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-19 09:37 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-03-18 22:10 - 2015-03-18 22:11 - 02347384 _____ (ESET) C:\Users\Sony\Downloads\esetsmartinstaller_deu.exe
2015-03-18 08:45 - 2015-03-18 18:43 - 00000000 ____D () C:\Users\Sony\Documents\elektr. Lohnzettel
2015-03-17 19:54 - 2015-03-17 19:54 - 01388672 _____ (Thisisu) C:\Users\Sony\Desktop\JRT.exe
2015-03-17 19:23 - 2015-03-17 19:23 - 00000000 ____D () C:\Users\Sony\AppData\Local\Hola
2015-03-17 19:08 - 2015-03-17 19:11 - 00000000 ____D () C:\AdwCleaner
2015-03-17 19:07 - 2015-03-17 19:07 - 02171392 _____ () C:\Users\Sony\Downloads\AdwCleaner_4.112.exe
2015-03-17 18:09 - 2015-03-17 18:10 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Sony\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-16 18:14 - 2015-03-16 18:14 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sony\Desktop\tdsskiller.exe
2015-03-16 15:25 - 2015-03-17 18:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-16 15:24 - 2015-03-16 15:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-16 15:23 - 2015-03-16 15:59 - 00000000 ____D () C:\Users\Sony\Desktop\mbar
2015-03-16 15:22 - 2015-03-16 15:22 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sony\Downloads\mbar-1.09.1.1004.exe
2015-03-16 13:23 - 2015-03-16 13:23 - 00380416 _____ () C:\Users\Sony\Desktop\Gmer-19357.exe
2015-03-16 13:15 - 2015-03-16 13:15 - 00000000 ____D () C:\Users\Sony\Downloads\FRST-OlderVersion
2015-03-16 13:09 - 2015-03-16 13:11 - 00000470 _____ () C:\Users\Sony\Downloads\defogger_disable.log
2015-03-16 13:09 - 2015-03-16 13:09 - 00000000 _____ () C:\Users\Sony\defogger_reenable
2015-03-16 12:09 - 2015-03-16 12:09 - 00050477 _____ () C:\Users\Sony\Downloads\Defogger.exe
2015-03-04 22:03 - 2015-03-16 13:19 - 00046779 _____ () C:\Users\Sony\Downloads\Addition.txt
2015-03-04 21:58 - 2015-03-16 13:19 - 00043427 _____ () C:\Users\Sony\Downloads\FRST.txt
2015-03-04 21:57 - 2015-03-22 11:12 - 00000000 ____D () C:\FRST
2015-03-04 21:57 - 2015-03-16 13:15 - 02095616 _____ (Farbar) C:\Users\Sony\Desktop\FRST64.exe
2015-03-04 21:44 - 2015-03-04 21:44 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Sony\Downloads\SpyHunter-Installer.exe
2015-03-04 20:56 - 2015-03-04 20:57 - 00013097 _____ () C:\Users\Sony\Downloads\webscr.htm
2015-02-28 00:01 - 2015-03-03 22:22 - 00000000 ____D () C:\ProgramData\Sony
2015-02-27 21:16 - 2015-02-27 21:16 - 00000000 ____D () C:\Users\Sony\Downloads\hola_firefox_ext_1.6.785_www
2015-02-27 21:15 - 2015-02-27 21:15 - 00986085 _____ () C:\Users\Sony\Downloads\hola_firefox_ext_1.6.785_www.zip
2015-02-27 21:14 - 2015-02-27 21:14 - 00000000 ____D () C:\Users\Sony\AppData\Local\Macromedia
2015-02-27 21:12 - 2015-03-22 10:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-27 21:12 - 2015-03-03 22:22 - 00000000 ____D () C:\Users\Sony\AppData\Local\Mozilla
2015-02-27 21:12 - 2015-02-27 21:12 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-27 21:12 - 2015-02-27 21:12 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-27 21:12 - 2015-02-27 21:12 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-27 21:11 - 2015-02-27 21:11 - 00243576 _____ () C:\Users\Sony\Downloads\Firefox Setup Stub 36.0.exe
2015-02-21 18:15 - 2015-02-21 18:15 - 00000000 ____D () C:\Users\Sony\AppData\Local\Steam

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 11:11 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-22 11:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-22 10:40 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-22 10:40 - 2014-11-21 03:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-22 10:40 - 2014-11-21 03:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-22 10:40 - 2014-11-07 22:40 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-22 10:38 - 2013-01-11 09:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4200808153-2432618595-1589944039-1001
2015-03-22 10:36 - 2013-05-05 10:09 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-22 10:34 - 2015-01-21 08:14 - 00008192 _____ () C:\WINDOWS\SysWOW64\WDPABKP.dat
2015-03-22 10:34 - 2013-05-04 16:08 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-22 10:32 - 2014-10-31 13:12 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-03-22 10:32 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-22 10:31 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-21 22:18 - 2013-05-05 10:09 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-20 13:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-20 13:20 - 2013-01-04 13:35 - 00000000 ____D () C:\Users\Sony\AppData\Local\Packages
2015-03-19 23:35 - 2013-08-09 16:24 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Skype
2015-03-19 17:38 - 2012-09-29 02:03 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-03-19 17:37 - 2012-09-29 02:11 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-03-19 10:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-19 10:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-03-19 10:33 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-03-19 10:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-19 10:29 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-19 10:29 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-19 10:18 - 2013-08-22 15:44 - 00484488 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-19 10:16 - 2015-01-25 19:40 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2015-03-19 10:16 - 2015-01-21 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2015-03-19 10:16 - 2015-01-01 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-19 10:16 - 2015-01-01 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-19 10:16 - 2015-01-01 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-03-19 10:16 - 2015-01-01 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-03-19 10:16 - 2014-11-21 04:13 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-03-19 10:16 - 2014-10-31 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-03-19 10:16 - 2014-10-10 08:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-19 10:16 - 2014-08-26 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-19 10:16 - 2014-05-12 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeLano Scientific
2015-03-19 10:16 - 2014-01-04 12:56 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-19 10:16 - 2014-01-02 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-19 10:16 - 2013-12-10 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-03-19 10:16 - 2013-09-29 09:27 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-19 10:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-19 10:16 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-03-19 10:16 - 2013-08-22 14:25 - 00008192 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-19 10:16 - 2013-08-14 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-19 10:16 - 2013-06-09 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-19 10:16 - 2013-05-22 21:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-03-19 10:16 - 2013-05-12 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-03-19 10:16 - 2013-05-12 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
2015-03-19 10:16 - 2013-05-10 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2015-03-19 10:16 - 2013-05-10 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-03-19 10:16 - 2013-05-05 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChemOffice 2002
2015-03-19 10:16 - 2013-05-05 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-19 10:16 - 2013-01-04 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\VAIO Startup Setting Tool
2015-03-19 10:16 - 2012-09-29 03:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-19 10:16 - 2012-09-29 03:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2015-03-19 10:16 - 2012-09-29 02:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2015-03-19 10:16 - 2012-09-29 02:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2015-03-19 10:13 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-03-19 10:12 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-03-19 10:12 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-03-19 10:12 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-03-19 10:12 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-03-19 10:12 - 2012-09-29 02:17 - 00000000 ____D () C:\WINDOWS\SysWOW64\SDA
2015-03-19 10:10 - 2014-12-11 22:59 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-19 10:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Resources
2015-03-19 10:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-03-19 10:10 - 2012-09-29 04:02 - 00000000 ____D () C:\WINDOWS\system32\%AppData%
2015-03-19 10:09 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-03-19 10:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-19 10:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-03-19 10:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-03-19 10:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-03-19 10:07 - 2015-01-21 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-03-19 10:07 - 2014-11-21 04:13 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-19 10:07 - 2013-07-17 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-03-19 10:07 - 2013-05-22 21:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2015-03-19 10:07 - 2013-05-12 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite
2015-03-19 10:07 - 2012-09-29 03:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-03-19 10:07 - 2012-09-29 02:12 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-03-19 10:07 - 2012-08-03 03:25 - 00000000 ____D () C:\ProgramData\PRICache
2015-03-19 10:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-03-19 10:01 - 2013-01-04 13:42 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2015-03-19 09:50 - 2014-09-15 18:11 - 00000000 __SHD () C:\Recovery
2015-03-19 09:42 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-03-18 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-03-16 17:34 - 2013-05-05 10:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-16 17:28 - 2013-08-15 13:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-16 17:18 - 2013-05-05 17:34 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-04 21:34 - 2014-10-20 10:40 - 00000000 ____D () C:\Users\Sony\Documents\HUK24
2015-03-03 22:22 - 2013-05-09 16:07 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Mozilla
2015-03-03 22:22 - 2013-05-05 10:09 - 00000000 ____D () C:\Users\Sony\AppData\Local\Google
2015-03-03 22:22 - 2013-05-04 16:08 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-03-03 22:22 - 2013-01-04 13:35 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Intel
2015-03-03 22:22 - 2012-09-29 02:49 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-03 22:22 - 2012-09-29 02:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-03-03 22:22 - 2012-09-29 02:16 - 00000000 ____D () C:\ProgramData\Intel
2015-03-03 22:22 - 2012-09-29 02:00 - 00000000 ____D () C:\ProgramData\Sony Corporation
2015-02-28 00:02 - 2012-09-29 02:54 - 00000000 ____D () C:\Program Files\Sony
2015-02-28 00:02 - 2012-09-29 02:31 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-02-23 08:41 - 2014-11-10 18:40 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-02-23 08:41 - 2014-11-10 18:40 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-23 08:41 - 2014-01-02 19:00 - 00000000 ____D () C:\ProgramData\Oracle

==================== Files in the root of some directories =======

2012-09-29 02:08 - 2012-09-29 02:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Sony\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.7.78.exe
C:\Users\Sony\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sony\AppData\Local\Temp\turbojpeg1685101729958577987.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-19 09:44

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Sony at 2015-03-22 11:13:17
Running from C:\Users\Sony\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{CC608842-EFFB-2528-BE17-98B97F22FD5D}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
calibre (HKLM-x32\...\{C727544A-23E0-41A8-9901-2353CE3FE62A}) (Version: 2.14.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
ChemDraw Ultra 7.0 (HKLM-x32\...\{B1C145A4-E36E-4ABB-A8FA-EBD5168AFB45}) (Version: 7.0 - CambridgeSoft Corporation)
Chronicles of Albian (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04059 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04059 - Cisco Systems, Inc.) Hidden
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cubic Castles (HKLM-x32\...\Steam App 317470) (Version:  - Cosmic Cow LLC)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5601.52 - CyberLink Corp.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Echoes+ (HKLM-x32\...\Steam App 338000) (Version:  - Binary Zoo)
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110 - WildTangent) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}) (Version: 2.6.1210.0278 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.3.1004 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.3 (x86 de)) (Version: 36.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PyMOL (HKLM-x32\...\PyMOL) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6748 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
The Way of Life (HKLM-x32\...\Steam App 310370) (Version:  - Fabio Ferrara)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.1.10180 - Sony Corporation)
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.0.08240 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WD Quick View (HKLM-x32\...\{C58994CF-D15D-41E3-A03B-587B39EAA903}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{142D42E3-07A9-4AAC-BD3B-636392891706}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital)
WD SmartWare Installer (HKLM-x32\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WildTangent Games App (x32 Version: 4.0.10.16 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent sony Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {033926BC-D1DC-450E-A67E-CAEB44D68CBF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {08C928A8-465F-43ED-BF66-6CB787577FFD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {1821ED72-9CFE-40D5-822A-216F500107A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {209791FE-08F2-4E7B-9639-FC2E412BA8B5} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {2C5C339F-B005-4311-BC8A-B842A9F6D1A8} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3E37D3B8-949E-4204-B537-57641289C7D9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3FC01EDE-9ECC-4821-A8A4-5762C008AC35} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {502975AC-39CF-4CD2-907E-2DD781A8BB61} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {509970C4-405E-4741-99B1-30C1C19A0DB6} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {50A86B07-41BA-4A7B-BE7B-11FA3654757F} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {53535DE2-A241-4B52-9039-B586210716A9} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {598F7663-FBE5-4E62-A5FD-AE83F493E8B0} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5E436ACC-8353-42E8-A077-1130BA05762E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-16] (Microsoft Corporation)
Task: {6348E911-629D-435B-83D2-4CE024AA9BDA} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {6F06C696-C240-4060-8BE3-33E014FE735B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {77558AC1-3E5A-4468-80C6-058C7F41C289} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {7DFE9077-11E8-4A18-8057-B0376141BDFB} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {7E23C25F-9129-4F1F-8C38-D84F4B71F735} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {97849117-CB78-414A-B6F3-1C0BFD082478} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {A8411474-9BBA-4D22-9D69-AC03C0DE5BB7} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {AC7EECA3-B343-4825-8F9A-DBA52BD60DD0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {AE72F5AF-4A7E-4415-9CD2-9EE89B8D21D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {AE900FF6-533D-4B5C-B58D-72A4245C7C46} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {AEFABA6E-F5F4-4361-81C3-E5CCE28679D6} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-19] (Sony Corporation)
Task: {BE932753-C6C2-4945-90E3-6EEC8319154E} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {BEC773D4-8A54-4381-AE9E-9D6C040C6D39} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C933BDDD-5D2F-4EDC-97F5-DA56432C4456} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {CBD6F0A6-A41A-4AF6-90D2-F6163BC30FD2} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {D6898C93-2CAA-4AF4-BA4E-D3ED77D839CB} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E49BB4E5-806F-4520-8D96-1464C47E1E2C} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F224C9DF-3FE4-4822-A3B4-D77EDB241825} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {F47A67B8-AFBB-49D3-954F-B59ED9472E54} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F56253D4-6E87-4DD2-B227-612E6F364047} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {FC4F7893-A09A-413C-B16F-2CC592151936} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {FE0FF93E-8860-413E-9242-8C2ECF459C11} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-05-31 04:35 - 2013-05-31 04:35 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-22 10:43 - 2015-03-22 10:43 - 00852604 _____ () C:\Users\Sony\Desktop\SecurityCheck.exe
2013-11-19 10:21 - 2013-11-19 10:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-06-19 16:00 - 2013-06-19 16:00 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-17 20:39 - 2013-05-04 16:19 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-09-29 03:03 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2012-09-29 02:16 - 2012-07-25 03:52 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sony\Pictures\Urlaub Malaga\Felix\CIMG9423.JPG
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WDSmartWare.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(SM) center"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\StartupApproved\Run: => "Skype"

==================== Accounts: =============================

Administrator (S-1-5-21-4200808153-2432618595-1589944039-500 - Administrator - Disabled)
Gast (S-1-5-21-4200808153-2432618595-1589944039-501 - Limited - Disabled) => C:\Users\Gast
Sony (S-1-5-21-4200808153-2432618595-1589944039-1001 - Administrator - Enabled) => C:\Users\Sony

==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2015 10:34:13 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (03/22/2015 10:33:37 AM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)

Error: (03/22/2015 10:30:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007ffc9a58db31
ID des fehlerhaften Prozesses: 0x164c
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Vollständiger Name des fehlerhaften Pakets: VCAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VCAgent.exe5

Error: (03/22/2015 10:30:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (03/21/2015 10:40:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/21/2015 06:11:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/21/2015 06:11:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/21/2015 06:11:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/21/2015 00:58:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/20/2015 10:53:08 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.


System errors:
=============
Error: (03/22/2015 10:33:52 AM) (Source: DCOM) (EventID: 10016) (User: VAIO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}VAIOSonyS-1-5-21-4200808153-2432618595-1589944039-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/22/2015 10:33:52 AM) (Source: DCOM) (EventID: 10016) (User: VAIO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}VAIOSonyS-1-5-21-4200808153-2432618595-1589944039-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/22/2015 10:33:52 AM) (Source: DCOM) (EventID: 10016) (User: VAIO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}VAIOSonyS-1-5-21-4200808153-2432618595-1589944039-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/22/2015 10:33:52 AM) (Source: DCOM) (EventID: 10016) (User: VAIO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}VAIOSonyS-1-5-21-4200808153-2432618595-1589944039-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/22/2015 10:33:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/22/2015 10:33:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (03/22/2015 10:31:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WDSmartWareBackgroundService erreicht.

Error: (03/22/2015 10:31:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WDBackup erreicht.

Error: (03/22/2015 10:31:08 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

Error: (03/22/2015 10:31:08 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 44%
Total physical RAM: 3968.39 MB
Available physical RAM: 2213.76 MB
Total Pagefile: 5376.39 MB
Available Pagefile: 2738.96 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:434.36 GB) (Free:357.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4CC9783F)

Partition: GPT Partition Type.

==================== End Of Log ============================

Dankeschön!

aubergine13 · 22.03.2015, 11:17

FRST

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Sony (administrator) on VAIO on 22-03-2015 11:11:56
Running from C:\Users\Sony\Desktop
Loaded Profiles: Sony (Available profiles: Sony & Gast)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
() C:\Users\Sony\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17246_none_fa4ae8e99b1f603c\TiWorker.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [299648 2012-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2013-05-04] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2015-03-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-12-02] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\MountPoints2: {7493dba2-b57b-11e2-beda-84a6c876074f} - "F:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001 -> {B2F3B569-0312-447A-8D01-175A19D55F59} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-29] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-29] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-23] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-10] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-23] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-10] (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\fv3iurqu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-09-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-23] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-05-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4200808153-2432618595-1589944039-1001: @hola.org/vlc,version=1.7.78 -> C:\Users\Sony\AppData\Local\Hola\firefox\app\vlc [2015-03-19] ()
FF Extension: Hola Better Internet - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\fv3iurqu.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-02-27]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Kaspersky виртуелна тастатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-05-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Profile: C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30]
CHR Extension: (Google Docs) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30]
CHR Extension: (Google Drive) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (YouTube) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30]
CHR Extension: (Google Search) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-01-30]
CHR Extension: (Google Sheets) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Kaspersky Protection) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Gmail) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]
CHR Extension: (Anti-Banner) - C:\Users\Sony\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-01-30]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-13] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-25] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-06-22] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-06-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1642544 2014-02-28] (Sony Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [129536 2009-11-13] (WDC) [File not signed]
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-12-02] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1337216 2012-10-01] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-10] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [627296 2014-05-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-12-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-10-13] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-13] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-04] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [177864 2015-02-17] (Kaspersky Lab ZAO)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-23] (REDC)
R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-23] (REDC)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-25] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-06-19] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 11:11 - 2015-03-22 11:11 - 00026506 _____ () C:\Users\Sony\Desktop\FRST.txt
2015-03-22 10:43 - 2015-03-22 10:43 - 00852604 _____ () C:\Users\Sony\Desktop\SecurityCheck.exe
2015-03-22 10:32 - 2015-03-22 10:32 - 00000808 _____ () C:\WINDOWS\PFRO.log
2015-03-21 10:28 - 2015-03-21 10:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-20 22:53 - 2015-03-20 22:53 - 00000797 _____ () C:\WINDOWS\setupact.log
2015-03-20 22:53 - 2015-03-20 22:53 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-20 15:22 - 2015-03-20 15:22 - 00000000 ____D () C:\Users\Sony\wekafiles
2015-03-20 13:55 - 2015-03-20 13:56 - 03082735 _____ () C:\Users\Sony\Downloads\Calibration(1).zip
2015-03-20 13:52 - 2015-03-20 14:41 - 00000254 _____ () C:\Users\Sony\.ImageJ_3D_Viewer.props
2015-03-19 17:42 - 2015-03-19 17:42 - 00000000 ____D () C:\ProgramData\ATI
2015-03-19 17:34 - 2015-03-19 17:38 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-03-19 17:25 - 2015-03-19 17:30 - 248442448 _____ (Sony Corporation) C:\EP0000302733.exe
2015-03-19 16:49 - 2015-03-19 16:49 - 00000885 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-03-19 16:49 - 2015-03-19 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-03-19 16:49 - 2015-03-19 16:49 - 00000000 ____D () C:\Program Files\CPUID
2015-03-19 16:47 - 2015-03-19 16:47 - 01582736 _____ ( ) C:\Users\Sony\Downloads\cpu-z_1.72_en.exe
2015-03-19 10:57 - 2015-03-19 10:57 - 00000000 ____D () C:\Users\Sony\.imagej
2015-03-19 10:52 - 2015-03-20 17:02 - 00000000 ____D () C:\Users\Sony\Desktop\fiji-win64
2015-03-19 10:48 - 2015-03-22 10:40 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{22F50FE3-B9A7-4387-B66D-928BE36B8C8F}
2015-03-19 10:48 - 2015-03-19 10:48 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieUserList
2015-03-19 10:48 - 2015-03-19 10:48 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieSiteList
2015-03-19 10:48 - 2015-03-19 10:48 - 00000000 __SHD () C:\Users\Sony\AppData\Local\EmieBrowserModeList
2015-03-19 10:35 - 2015-03-19 10:35 - 00001454 _____ () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-19 10:34 - 2015-03-19 10:34 - 00000020 ___SH () C:\Users\Sony\ntuser.ini
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-03-19 10:33 - 2015-03-19 10:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-03-19 10:31 - 2015-03-19 10:31 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-03-19 10:13 - 2015-03-19 10:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-03-19 10:13 - 2015-03-19 10:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-03-19 10:12 - 2015-03-19 10:12 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-19 10:02 - 2015-03-19 10:02 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-03-19 10:00 - 2015-03-20 15:22 - 00000000 ____D () C:\Users\Sony
2015-03-19 10:00 - 2015-03-19 10:31 - 00036198 _____ () C:\WINDOWS\diagwrn.xml
2015-03-19 10:00 - 2015-03-19 10:31 - 00036198 _____ () C:\WINDOWS\diagerr.xml
2015-03-19 10:00 - 2015-03-19 10:26 - 00000000 ____D () C:\Users\Gast
2015-03-19 10:00 - 2015-03-19 10:02 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-19 10:00 - 2015-03-19 10:01 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Vorlagen
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Startmenü
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Netzwerkumgebung
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Lokale Einstellungen
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Eigene Dateien
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Druckumgebung
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Documents\Eigene Musik
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Documents\Eigene Bilder
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\AppData\Local\Verlauf
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\AppData\Local\Anwendungsdaten
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Sony\Anwendungsdaten
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Vorlagen
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Lokale Einstellungen
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Eigene Dateien
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-03-19 10:00 - 2015-03-19 10:00 - 00000000 _SHDL () C:\Users\Gast\Anwendungsdaten
2015-03-19 10:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-19 10:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-19 10:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-19 10:00 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-19 10:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-19 10:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-19 10:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-19 10:00 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-19 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-19 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-19 09:49 - 2015-03-22 11:08 - 01630961 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-19 09:46 - 2015-03-19 09:46 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-03-19 09:46 - 2015-03-19 09:46 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-03-19 09:46 - 2015-03-19 09:46 - 00000000 ____D () C:\Program Files\Realtek
2015-03-19 09:45 - 2015-03-19 09:45 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-03-19 09:45 - 2015-03-19 09:45 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2015-03-19 09:45 - 2015-03-19 09:45 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-19 09:42 - 2015-03-21 12:59 - 00000000 ____D () C:\Windows.old
2015-03-19 09:42 - 2015-03-19 21:34 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-19 09:41 - 2015-03-19 09:41 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-03-19 09:38 - 2015-03-19 10:16 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-19 09:38 - 2015-03-19 09:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-03-19 09:38 - 2015-03-19 09:38 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-03-19 09:38 - 2015-03-19 09:38 - 00000000 ____D () C:\Program Files\MSBuild
2015-03-19 09:38 - 2015-03-19 09:38 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-03-19 09:37 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-03-19 09:37 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-19 09:37 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-03-19 09:37 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-03-19 09:37 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-19 09:37 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-03-18 22:10 - 2015-03-18 22:11 - 02347384 _____ (ESET) C:\Users\Sony\Downloads\esetsmartinstaller_deu.exe
2015-03-18 08:45 - 2015-03-18 18:43 - 00000000 ____D () C:\Users\Sony\Documents\elektr. Lohnzettel
2015-03-17 19:54 - 2015-03-17 19:54 - 01388672 _____ (Thisisu) C:\Users\Sony\Desktop\JRT.exe
2015-03-17 19:23 - 2015-03-17 19:23 - 00000000 ____D () C:\Users\Sony\AppData\Local\Hola
2015-03-17 19:08 - 2015-03-17 19:11 - 00000000 ____D () C:\AdwCleaner
2015-03-17 19:07 - 2015-03-17 19:07 - 02171392 _____ () C:\Users\Sony\Downloads\AdwCleaner_4.112.exe
2015-03-17 18:09 - 2015-03-17 18:10 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Sony\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-16 18:14 - 2015-03-16 18:14 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sony\Desktop\tdsskiller.exe
2015-03-16 15:25 - 2015-03-17 18:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-16 15:24 - 2015-03-16 15:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-16 15:23 - 2015-03-16 15:59 - 00000000 ____D () C:\Users\Sony\Desktop\mbar
2015-03-16 15:22 - 2015-03-16 15:22 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sony\Downloads\mbar-1.09.1.1004.exe
2015-03-16 13:23 - 2015-03-16 13:23 - 00380416 _____ () C:\Users\Sony\Desktop\Gmer-19357.exe
2015-03-16 13:15 - 2015-03-16 13:15 - 00000000 ____D () C:\Users\Sony\Downloads\FRST-OlderVersion
2015-03-16 13:09 - 2015-03-16 13:11 - 00000470 _____ () C:\Users\Sony\Downloads\defogger_disable.log
2015-03-16 13:09 - 2015-03-16 13:09 - 00000000 _____ () C:\Users\Sony\defogger_reenable
2015-03-16 12:09 - 2015-03-16 12:09 - 00050477 _____ () C:\Users\Sony\Downloads\Defogger.exe
2015-03-04 22:03 - 2015-03-16 13:19 - 00046779 _____ () C:\Users\Sony\Downloads\Addition.txt
2015-03-04 21:58 - 2015-03-16 13:19 - 00043427 _____ () C:\Users\Sony\Downloads\FRST.txt
2015-03-04 21:57 - 2015-03-22 11:12 - 00000000 ____D () C:\FRST
2015-03-04 21:57 - 2015-03-16 13:15 - 02095616 _____ (Farbar) C:\Users\Sony\Desktop\FRST64.exe
2015-03-04 21:44 - 2015-03-04 21:44 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Sony\Downloads\SpyHunter-Installer.exe
2015-03-04 20:56 - 2015-03-04 20:57 - 00013097 _____ () C:\Users\Sony\Downloads\webscr.htm
2015-02-28 00:01 - 2015-03-03 22:22 - 00000000 ____D () C:\ProgramData\Sony
2015-02-27 21:16 - 2015-02-27 21:16 - 00000000 ____D () C:\Users\Sony\Downloads\hola_firefox_ext_1.6.785_www
2015-02-27 21:15 - 2015-02-27 21:15 - 00986085 _____ () C:\Users\Sony\Downloads\hola_firefox_ext_1.6.785_www.zip
2015-02-27 21:14 - 2015-02-27 21:14 - 00000000 ____D () C:\Users\Sony\AppData\Local\Macromedia
2015-02-27 21:12 - 2015-03-22 10:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-27 21:12 - 2015-03-03 22:22 - 00000000 ____D () C:\Users\Sony\AppData\Local\Mozilla
2015-02-27 21:12 - 2015-02-27 21:12 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-27 21:12 - 2015-02-27 21:12 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-27 21:12 - 2015-02-27 21:12 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-27 21:11 - 2015-02-27 21:11 - 00243576 _____ () C:\Users\Sony\Downloads\Firefox Setup Stub 36.0.exe
2015-02-21 18:15 - 2015-02-21 18:15 - 00000000 ____D () C:\Users\Sony\AppData\Local\Steam

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-22 11:11 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-22 11:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-22 10:40 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-22 10:40 - 2014-11-21 03:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-22 10:40 - 2014-11-21 03:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-22 10:40 - 2014-11-07 22:40 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-22 10:38 - 2013-01-11 09:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4200808153-2432618595-1589944039-1001
2015-03-22 10:36 - 2013-05-05 10:09 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-22 10:34 - 2015-01-21 08:14 - 00008192 _____ () C:\WINDOWS\SysWOW64\WDPABKP.dat
2015-03-22 10:34 - 2013-05-04 16:08 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-22 10:32 - 2014-10-31 13:12 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-03-22 10:32 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-22 10:31 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-21 22:18 - 2013-05-05 10:09 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-20 13:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-20 13:20 - 2013-01-04 13:35 - 00000000 ____D () C:\Users\Sony\AppData\Local\Packages
2015-03-19 23:35 - 2013-08-09 16:24 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Skype
2015-03-19 17:38 - 2012-09-29 02:03 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-03-19 17:37 - 2012-09-29 02:11 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-03-19 10:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-19 10:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-03-19 10:33 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-03-19 10:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-19 10:29 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-19 10:29 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-19 10:18 - 2013-08-22 15:44 - 00484488 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-19 10:16 - 2015-01-25 19:40 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2015-03-19 10:16 - 2015-01-21 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
2015-03-19 10:16 - 2015-01-01 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-19 10:16 - 2015-01-01 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-19 10:16 - 2015-01-01 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-03-19 10:16 - 2015-01-01 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-03-19 10:16 - 2014-11-21 04:13 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-03-19 10:16 - 2014-10-31 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-03-19 10:16 - 2014-10-10 08:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-19 10:16 - 2014-08-26 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-19 10:16 - 2014-05-12 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeLano Scientific
2015-03-19 10:16 - 2014-01-04 12:56 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-19 10:16 - 2014-01-02 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-19 10:16 - 2013-12-10 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-03-19 10:16 - 2013-09-29 09:27 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-19 10:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-19 10:16 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-03-19 10:16 - 2013-08-22 14:25 - 00008192 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-19 10:16 - 2013-08-14 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-19 10:16 - 2013-06-09 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-03-19 10:16 - 2013-05-22 21:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-03-19 10:16 - 2013-05-12 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-03-19 10:16 - 2013-05-12 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
2015-03-19 10:16 - 2013-05-10 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
2015-03-19 10:16 - 2013-05-10 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-03-19 10:16 - 2013-05-05 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChemOffice 2002
2015-03-19 10:16 - 2013-05-05 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-19 10:16 - 2013-01-04 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\VAIO Startup Setting Tool
2015-03-19 10:16 - 2012-09-29 03:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-19 10:16 - 2012-09-29 03:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2015-03-19 10:16 - 2012-09-29 02:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
2015-03-19 10:16 - 2012-09-29 02:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2015-03-19 10:13 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-03-19 10:12 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-03-19 10:12 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-03-19 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-03-19 10:12 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-03-19 10:12 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-03-19 10:12 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-03-19 10:12 - 2012-09-29 02:17 - 00000000 ____D () C:\WINDOWS\SysWOW64\SDA
2015-03-19 10:10 - 2014-12-11 22:59 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-19 10:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Resources
2015-03-19 10:10 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-03-19 10:10 - 2012-09-29 04:02 - 00000000 ____D () C:\WINDOWS\system32\%AppData%
2015-03-19 10:09 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-03-19 10:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-19 10:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-03-19 10:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-03-19 10:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-03-19 10:07 - 2015-01-21 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-03-19 10:07 - 2014-11-21 04:13 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-19 10:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-19 10:07 - 2013-07-17 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-03-19 10:07 - 2013-05-22 21:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2015-03-19 10:07 - 2013-05-12 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite
2015-03-19 10:07 - 2012-09-29 03:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-03-19 10:07 - 2012-09-29 02:12 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-03-19 10:07 - 2012-08-03 03:25 - 00000000 ____D () C:\ProgramData\PRICache
2015-03-19 10:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-03-19 10:01 - 2013-01-04 13:42 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2015-03-19 09:50 - 2014-09-15 18:11 - 00000000 __SHD () C:\Recovery
2015-03-19 09:42 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-03-18 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-03-16 17:34 - 2013-05-05 10:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-16 17:28 - 2013-08-15 13:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-16 17:18 - 2013-05-05 17:34 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-04 21:34 - 2014-10-20 10:40 - 00000000 ____D () C:\Users\Sony\Documents\HUK24
2015-03-03 22:22 - 2013-05-09 16:07 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Mozilla
2015-03-03 22:22 - 2013-05-05 10:09 - 00000000 ____D () C:\Users\Sony\AppData\Local\Google
2015-03-03 22:22 - 2013-05-04 16:08 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-03-03 22:22 - 2013-01-04 13:35 - 00000000 ____D () C:\Users\Sony\AppData\Roaming\Intel
2015-03-03 22:22 - 2012-09-29 02:49 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-03 22:22 - 2012-09-29 02:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-03-03 22:22 - 2012-09-29 02:16 - 00000000 ____D () C:\ProgramData\Intel
2015-03-03 22:22 - 2012-09-29 02:00 - 00000000 ____D () C:\ProgramData\Sony Corporation
2015-02-28 00:02 - 2012-09-29 02:54 - 00000000 ____D () C:\Program Files\Sony
2015-02-28 00:02 - 2012-09-29 02:31 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-02-23 08:41 - 2014-11-10 18:40 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-02-23 08:41 - 2014-11-10 18:40 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-23 08:41 - 2014-01-02 19:00 - 00000000 ____D () C:\ProgramData\Oracle

==================== Files in the root of some directories =======

2012-09-29 02:08 - 2012-09-29 02:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Sony\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.7.78.exe
C:\Users\Sony\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sony\AppData\Local\Temp\turbojpeg1685101729958577987.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-19 09:44

==================== End Of Log ============================

--- --- ---

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Sony at 2015-03-22 11:13:17
Running from C:\Users\Sony\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{CC608842-EFFB-2528-BE17-98B97F22FD5D}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
calibre (HKLM-x32\...\{C727544A-23E0-41A8-9901-2353CE3FE62A}) (Version: 2.14.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
ChemDraw Ultra 7.0 (HKLM-x32\...\{B1C145A4-E36E-4ABB-A8FA-EBD5168AFB45}) (Version: 7.0 - CambridgeSoft Corporation)
Chronicles of Albian (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04059 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04059 - Cisco Systems, Inc.) Hidden
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cubic Castles (HKLM-x32\...\Steam App 317470) (Version:  - Cosmic Cow LLC)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5601.52 - CyberLink Corp.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Echoes+ (HKLM-x32\...\Steam App 338000) (Version:  - Binary Zoo)
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110 - WildTangent) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}) (Version: 2.6.1210.0278 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.3.1004 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.3 (x86 de)) (Version: 36.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PyMOL (HKLM-x32\...\PyMOL) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6748 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
The Way of Life (HKLM-x32\...\Steam App 310370) (Version:  - Fabio Ferrara)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.1.10180 - Sony Corporation)
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.0.08240 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WD Quick View (HKLM-x32\...\{C58994CF-D15D-41E3-A03B-587B39EAA903}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{142D42E3-07A9-4AAC-BD3B-636392891706}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital)
WD SmartWare Installer (HKLM-x32\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WildTangent Games App (x32 Version: 4.0.10.16 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent sony Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4200808153-2432618595-1589944039-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {033926BC-D1DC-450E-A67E-CAEB44D68CBF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {08C928A8-465F-43ED-BF66-6CB787577FFD} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {1821ED72-9CFE-40D5-822A-216F500107A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {209791FE-08F2-4E7B-9639-FC2E412BA8B5} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {2C5C339F-B005-4311-BC8A-B842A9F6D1A8} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {3E37D3B8-949E-4204-B537-57641289C7D9} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3FC01EDE-9ECC-4821-A8A4-5762C008AC35} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {502975AC-39CF-4CD2-907E-2DD781A8BB61} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {509970C4-405E-4741-99B1-30C1C19A0DB6} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {50A86B07-41BA-4A7B-BE7B-11FA3654757F} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {53535DE2-A241-4B52-9039-B586210716A9} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {598F7663-FBE5-4E62-A5FD-AE83F493E8B0} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5E436ACC-8353-42E8-A077-1130BA05762E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-16] (Microsoft Corporation)
Task: {6348E911-629D-435B-83D2-4CE024AA9BDA} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {6F06C696-C240-4060-8BE3-33E014FE735B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {77558AC1-3E5A-4468-80C6-058C7F41C289} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {7DFE9077-11E8-4A18-8057-B0376141BDFB} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {7E23C25F-9129-4F1F-8C38-D84F4B71F735} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {97849117-CB78-414A-B6F3-1C0BFD082478} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {A8411474-9BBA-4D22-9D69-AC03C0DE5BB7} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {AC7EECA3-B343-4825-8F9A-DBA52BD60DD0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {AE72F5AF-4A7E-4415-9CD2-9EE89B8D21D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-05] (Google Inc.)
Task: {AE900FF6-533D-4B5C-B58D-72A4245C7C46} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {AEFABA6E-F5F4-4361-81C3-E5CCE28679D6} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-19] (Sony Corporation)
Task: {BE932753-C6C2-4945-90E3-6EEC8319154E} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {BEC773D4-8A54-4381-AE9E-9D6C040C6D39} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {C933BDDD-5D2F-4EDC-97F5-DA56432C4456} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {CBD6F0A6-A41A-4AF6-90D2-F6163BC30FD2} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {D6898C93-2CAA-4AF4-BA4E-D3ED77D839CB} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E49BB4E5-806F-4520-8D96-1464C47E1E2C} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F224C9DF-3FE4-4822-A3B4-D77EDB241825} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {F47A67B8-AFBB-49D3-954F-B59ED9472E54} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {F56253D4-6E87-4DD2-B227-612E6F364047} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {FC4F7893-A09A-413C-B16F-2CC592151936} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {FE0FF93E-8860-413E-9242-8C2ECF459C11} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-05-31 04:35 - 2013-05-31 04:35 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-22 10:43 - 2015-03-22 10:43 - 00852604 _____ () C:\Users\Sony\Desktop\SecurityCheck.exe
2013-11-19 10:21 - 2013-11-19 10:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-06-19 16:00 - 2013-06-19 16:00 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-17 20:39 - 2013-05-04 16:19 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-09-29 03:03 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2012-09-29 02:16 - 2012-07-25 03:52 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sony\Pictures\Urlaub Malaga\Felix\CIMG9423.JPG
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WDSmartWare.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(SM) center"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4200808153-2432618595-1589944039-1001\...\StartupApproved\Run: => "Skype"

==================== Accounts: =============================

Administrator (S-1-5-21-4200808153-2432618595-1589944039-500 - Administrator - Disabled)
Gast (S-1-5-21-4200808153-2432618595-1589944039-501 - Limited - Disabled) => C:\Users\Gast
Sony (S-1-5-21-4200808153-2432618595-1589944039-1001 - Administrator - Enabled) => C:\Users\Sony

==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2015 10:34:13 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (03/22/2015 10:33:37 AM) (Source: WDSmartWareBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args)

Error: (03/22/2015 10:30:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007ffc9a58db31
ID des fehlerhaften Prozesses: 0x164c
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Vollständiger Name des fehlerhaften Pakets: VCAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VCAgent.exe5

Error: (03/22/2015 10:30:43 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (03/21/2015 10:40:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/21/2015 06:11:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/21/2015 06:11:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/21/2015 06:11:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/21/2015 00:58:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (03/20/2015 10:53:08 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.


System errors:
=============
Error: (03/22/2015 10:33:52 AM) (Source: DCOM) (EventID: 10016) (User: VAIO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}VAIOSonyS-1-5-21-4200808153-2432618595-1589944039-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/22/2015 10:33:52 AM) (Source: DCOM) (EventID: 10016) (User: VAIO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}VAIOSonyS-1-5-21-4200808153-2432618595-1589944039-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/22/2015 10:33:52 AM) (Source: DCOM) (EventID: 10016) (User: VAIO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}VAIOSonyS-1-5-21-4200808153-2432618595-1589944039-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/22/2015 10:33:52 AM) (Source: DCOM) (EventID: 10016) (User: VAIO)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}VAIOSonyS-1-5-21-4200808153-2432618595-1589944039-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/22/2015 10:33:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/22/2015 10:33:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (03/22/2015 10:31:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WDSmartWareBackgroundService erreicht.

Error: (03/22/2015 10:31:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WDBackup erreicht.

Error: (03/22/2015 10:31:08 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

Error: (03/22/2015 10:31:08 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 44%
Total physical RAM: 3968.39 MB
Available physical RAM: 2213.76 MB
Total Pagefile: 5376.39 MB
Available Pagefile: 2738.96 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:434.36 GB) (Free:357.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4CC9783F)

Partition: GPT Partition Type.

==================== End Of Log ============================

Dankeschön!

schrauber · 22.03.2015, 17:47

Java und Adobe updaten.

Hast Du die Systemwiederherstellung mit Absicht abgeschaltet?

aubergine13 · 23.03.2015, 08:06

Hallo Schrauber,

danke für die Info. Ich werde Java und Adobe updaten.
Ich habe erst kürzlich von Windows8 auf Windows8.1 upgedated. Liegt es vlt daran, dass die Systemwiederherstellung nicht aktiviert ist? Habe jetzt mal unter Computerschutz nachgeschaut und der war für meinen lokalen Datenträger aktiviert. Zusätzlich wurden mir noch zwei Dateien namens Windows RE tools und Recovery angezeigt, für die der Scutz nicht aktiviert war. Ich habe die jetzt auch aktiviert und einen Systemwiederherstellungspunkt erstellt.

Liebe Grüße

schrauber · 23.03.2015, 15:50

fertig

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

aubergine13 · 24.03.2015, 20:23

Hallo Schrauber,

vielen Dank für deine Hilfe. Es hat mir sehr weitergeholfen. Ich bin sehr zufrieden mit deiner Hilfe gewesen. Vielen Dank nochmal!

Liebe Grüße

schrauber · 25.03.2015, 12:33

Gern Geschehen

22.03.2015, 17:47	#10
schrauber /// the machine /// TB-Ausbilder	Windows 8: Trojaner (Backdoor.Win32.Androm.gjvy) auf Computer nach öffnen einer Email für pay pal Rechnung Java und Adobe updaten. Hast Du die Systemwiederherstellung mit Absicht abgeschaltet? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

25.03.2015, 12:33	#14
schrauber /// the machine /// TB-Ausbilder	Windows 8: Trojaner (Backdoor.Win32.Androm.gjvy) auf Computer nach öffnen einer Email für pay pal Rechnung Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Windows 8: Trojaner (Backdoor.Win32.Androm.gjvy) auf Computer nach öffnen einer Email für pay pal Rechnung

Log-Analyse und Auswertung: Windows 8: Trojaner (Backdoor.Win32.Androm.gjvy) auf Computer nach öffnen einer Email für pay pal Rechnung