
Pests of all kinds and how to fight them: tr/atraps.gen2 found and registry changes detected

Windows 7

18.06.2012, 00:10   #1
Sabishii
 


One thing up front: I'm a little panicky right now. As soon as something is wrong with my laptop, I immediately freak out. But I'm trying to pull myself together, because I know that people always get help here.

The problem is as follows:
Since this evening Avira has been going off repeatedly, i.e. I hear the Avira sound. However, no message pops up. Except for a little while ago, when a message from Avira appeared saying that the trojan "tr/atraps.gen2" had been found. I then had Spybot Search & Destroy run a scan. It found that apparently two registry changes had been made that disable the starting of the Microsoft Security Center. In other words: I now don't dare to restart my laptop. (Spybot did undo these changes, but I have my doubts that this settles the matter for good...)

It would be very kind if someone could try to help me. I actually wanted to go to bed, but now I'm too nervous.

18.06.2012, 08:45   #2
Chris4You
 


Hi,

then let's hope you managed to get some sleep anyway...

That is probably a rootkit, but I first need to know what kind of system you have...

OTL
Download OTL by Oldtimer (http://filepony.de/download-otl/) and save it to your desktop
  • Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created (OTL.TXT and EXTRAS.TXT)
  • Post the log files here in the thread

TDSS-Killer
Download and instructions at: How to fight malware of the Rootkit.Win32.TDSS family?
Unpack all files into a separate directory (e.g. C:\TDSS)!
Launch it from Explorer by double-clicking TDSSKiller.exe.
Configure the Killer as follows:

Then start the scan with (Start Scan).
When the scan has finished, please select "Report" (skip any findings with Skip for now). A window opens; copy the text and post it here...

chris

18.06.2012, 09:06   #3
Sabishii
 


Yes, thanks, at some point I just dozed off. xD

OTL is running right now.
In the meantime I have a question:
Yesterday I also had Malwarebytes run a scan, whereupon 4 items were found and put into quarantine. However, Malwarebytes requires a restart in order to be able to delete the items, and I didn't dare to do the restart yesterday (the laptop ran in standby mode overnight). Should I perhaps try that after all before I scan myself silly here? Or leave the findings in quarantine during the scans?

EDIT:
I have now left the findings in quarantine during the scans; please correct me if that was wrong.

OTL:
Code:
OTL logfile created on: 18.06.2012 09:01:13 - Run 1
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Users\Nadja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 56,28% Memory free
11,58 Gb Paging File | 9,55 Gb Available in Paging File | 82,49% Paging File free
Paging file location(s): c:\pagefile.sys 7905 7905 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,34 Gb Total Space | 368,02 Gb Free Space | 81,36% Space Free | Partition Type: NTFS
 
Computer Name: NADJA-NOTEBOOK | User Name: Nadja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Nadja\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\MausII\MausII.exe (www.ALGOMAHE.de)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5be773440afa1e1f565f9021d8fd9730\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\MausII\MausII.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Program Files (x86)\WinRAR\rarext.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version) -- C:\Windows\SysNative\drivers\HPub4DE3.sys (TPMX Electronics Ltd.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version) -- C:\Windows\SysNative\drivers\HPMo4DE3.sys (TPMX Electronics Ltd.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{49617DE8-6AB3-4157-A35F-ED9BC249E64E}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\..\SearchScopes\{5FEF25B0-7B10-4E3C-92F5-1CFADE371A77}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKCU\..\SearchScopes\{898E5F44-1F4A-442C-9EAD-15AF6410DA4A}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*;127.0.0.1:9421;
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: html5notifications@paxal.net:0.7.2
FF - prefs.js..extensions.enabledItems: selectionlinks@floriangilles.com:0.0.4
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.03.09 20:12:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.03.09 20:12:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 10:59:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.31 23:51:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 10:59:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.31 23:51:55 | 000,000,000 | ---D | M]
 
[2010.12.28 18:08:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadja\AppData\Roaming\mozilla\Extensions
[2012.05.17 21:43:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions
[2012.03.05 21:06:31 | 000,000,000 | ---D | M] (Buyertools) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\{411F2F11-830F-4AB5-B7F0-FBC77B870B5A}
[2012.03.30 13:51:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.05.17 21:43:45 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\ich@maltegoetz.de
[2011.06.22 01:47:12 | 000,000,000 | ---D | M] (Selection Links) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\selectionlinks@floriangilles.com
[2011.11.09 16:05:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.06 00:45:21 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.02.26 01:59:24 | 000,046,888 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\HTML5NOTIFICATIONS@PAXAL.NET.XPI
[2011.06.22 22:35:26 | 000,024,747 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\LINKY@GEMAL.DK.XPI
[2011.12.27 01:58:35 | 000,038,090 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\MULTILINKS@PLUGIN.XPI
[2012.04.25 10:59:51 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.02.14 15:07:10 | 000,000,960 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 mermaidconsulting.dk
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKCU..\Run: [MausII - algomahe.de] C:\Program Files (x86)\MausII\MausII.exe (www.ALGOMAHE.de)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 172.16.16.19
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun_setup.bat
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.18 08:59:18 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Nadja\Desktop\OTL.exe
[2012.06.17 23:46:47 | 000,000,000 | ---D | C] -- C:\Users\Nadja\AppData\Roaming\Malwarebytes
[2012.06.17 23:46:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.17 23:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.17 23:46:40 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.17 23:46:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.16 08:47:28 | 000,000,000 | ---D | C] -- C:\Users\Nadja\AppData\Local\Macromedia
[2012.05.19 23:32:50 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\SysWow64\QtCore4.dll
[2011.01.04 13:28:27 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mspaint.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\Windows\SysNative\
[2012.06.18 08:59:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Nadja\Desktop\OTL.exe
[2012.06.18 08:44:53 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.18 08:44:53 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.18 08:29:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.17 23:46:42 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.17 23:20:22 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.06.17 10:13:18 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.17 10:13:18 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.17 10:13:18 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.17 10:13:18 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.17 10:13:18 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.17 09:57:47 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.16 23:57:26 | 000,001,205 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk
[2012.06.16 08:19:41 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.16 08:19:41 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.08 10:50:03 | 000,000,805 | ---- | M] () -- C:\Windows\ULEAD32.INI
[2012.05.19 23:32:50 | 000,002,232 | ---- | M] () -- C:\Users\Nadja\Desktop\Free Audio Converter.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
File not found -- C:\Windows\SysNative\
[2012.06.18 02:49:16 | 000,022,016 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\800000cb.@
[2012.06.18 01:19:40 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\80000000.@
[2012.06.18 01:19:40 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\00000001.@
[2012.06.17 23:46:42 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.19 23:32:50 | 000,002,232 | ---- | C] () -- C:\Users\Nadja\Desktop\Free Audio Converter.lnk
[2012.04.07 14:23:03 | 000,004,439 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\CamStudio.cfg
[2012.04.07 14:23:03 | 000,000,115 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\Camdata.ini
[2012.04.07 14:23:02 | 000,000,408 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\CamShapes.ini
[2012.04.07 14:23:02 | 000,000,408 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\CamLayout.ini
[2012.03.16 00:56:16 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.03.14 00:51:42 | 000,000,149 | ---- | C] () -- C:\Windows\MausII-Cfg.INI
[2012.01.11 21:48:05 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2012.01.11 10:54:40 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\@
[2012.01.11 10:54:40 | 000,002,048 | -HS- | C] () -- C:\Users\Nadja\AppData\Local\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\@
[2011.11.16 09:52:10 | 000,001,890 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.11.16 09:52:10 | 000,000,088 | RHS- | C] () -- C:\ProgramData\B63FEA3E66.sys
[2011.05.29 10:11:59 | 000,714,526 | ---- | C] () -- C:\Windows\unins000.exe
[2011.05.29 10:11:59 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011.05.29 10:11:59 | 000,001,996 | ---- | C] () -- C:\Windows\unins000.dat
[2011.05.29 00:20:22 | 000,001,474 | ---- | C] () -- C:\Users\Nadja\AppData\Local\RecConfig.xml
[2011.05.28 11:07:37 | 000,005,632 | ---- | C] () -- C:\Users\Nadja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.27 22:57:59 | 001,591,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.11 10:32:30 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.03.11 10:32:30 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.02.26 23:21:18 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.02.26 23:20:56 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.02.22 20:33:33 | 000,000,805 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2011.02.14 14:03:25 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.02.01 16:37:40 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2011.01.29 18:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.01.29 18:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.01.29 18:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.01.29 18:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.01.24 05:57:11 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.12.31 01:51:07 | 000,017,408 | ---- | C] () -- C:\Users\Nadja\AppData\Local\WebpageIcons.db
[2010.12.29 01:12:59 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.12.29 01:12:56 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2010.12.29 01:12:56 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.12.29 01:12:56 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.12.29 01:12:55 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.12.29 00:59:53 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.10.08 08:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.07.13 00:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.07.12 22:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.07.12 22:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.07.12 22:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.07.12 22:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.07.12 22:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.07.12 22:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2010.07.12 22:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:AFF2E49F2F588B4A

< End of report >
         

OTL Extras:
Code:
OTL logfile created on: 18.06.2012 09:01:13 - Run 1
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Users\Nadja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 56,28% Memory free
11,58 Gb Paging File | 9,55 Gb Available in Paging File | 82,49% Paging File free
Paging file location(s): c:\pagefile.sys 7905 7905 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,34 Gb Total Space | 368,02 Gb Free Space | 81,36% Space Free | Partition Type: NTFS
 
Computer Name: NADJA-NOTEBOOK | User Name: Nadja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Nadja\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\MausII\MausII.exe (www.ALGOMAHE.de)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5be773440afa1e1f565f9021d8fd9730\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\MausII\MausII.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Program Files (x86)\WinRAR\rarext.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version) -- C:\Windows\SysNative\drivers\HPub4DE3.sys (TPMX Electronics Ltd.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version) -- C:\Windows\SysNative\drivers\HPMo4DE3.sys (TPMX Electronics Ltd.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{49617DE8-6AB3-4157-A35F-ED9BC249E64E}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\..\SearchScopes\{5FEF25B0-7B10-4E3C-92F5-1CFADE371A77}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKCU\..\SearchScopes\{898E5F44-1F4A-442C-9EAD-15AF6410DA4A}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*;127.0.0.1:9421;
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: html5notifications@paxal.net:0.7.2
FF - prefs.js..extensions.enabledItems: selectionlinks@floriangilles.com:0.0.4
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.03.09 20:12:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.03.09 20:12:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 10:59:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.31 23:51:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.25 10:59:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.31 23:51:55 | 000,000,000 | ---D | M]
 
[2010.12.28 18:08:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadja\AppData\Roaming\mozilla\Extensions
[2012.05.17 21:43:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions
[2012.03.05 21:06:31 | 000,000,000 | ---D | M] (Buyertools) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\{411F2F11-830F-4AB5-B7F0-FBC77B870B5A}
[2012.03.30 13:51:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.05.17 21:43:45 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\ich@maltegoetz.de
[2011.06.22 01:47:12 | 000,000,000 | ---D | M] (Selection Links) -- C:\Users\Nadja\AppData\Roaming\mozilla\Firefox\Profiles\6fwi0ip4.default\extensions\selectionlinks@floriangilles.com
[2011.11.09 16:05:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.06 00:45:21 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.02.26 01:59:24 | 000,046,888 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\HTML5NOTIFICATIONS@PAXAL.NET.XPI
[2011.06.22 22:35:26 | 000,024,747 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\LINKY@GEMAL.DK.XPI
[2011.12.27 01:58:35 | 000,038,090 | ---- | M] () (No name found) -- C:\USERS\NADJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FWI0IP4.DEFAULT\EXTENSIONS\MULTILINKS@PLUGIN.XPI
[2012.04.25 10:59:51 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.02.14 15:07:10 | 000,000,960 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 mermaidconsulting.dk
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKCU..\Run: [MausII - algomahe.de] C:\Program Files (x86)\MausII\MausII.exe (www.ALGOMAHE.de)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 172.16.16.19
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun_setup.bat
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.18 08:59:18 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Nadja\Desktop\OTL.exe
[2012.06.17 23:46:47 | 000,000,000 | ---D | C] -- C:\Users\Nadja\AppData\Roaming\Malwarebytes
[2012.06.17 23:46:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.17 23:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.17 23:46:40 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.17 23:46:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.16 08:47:28 | 000,000,000 | ---D | C] -- C:\Users\Nadja\AppData\Local\Macromedia
[2012.05.19 23:32:50 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\SysWow64\QtCore4.dll
[2011.01.04 13:28:27 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mspaint.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\Windows\SysNative\
[2012.06.18 08:59:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Nadja\Desktop\OTL.exe
[2012.06.18 08:44:53 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.18 08:44:53 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.18 08:29:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.17 23:46:42 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.17 23:20:22 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.06.17 10:13:18 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.17 10:13:18 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.17 10:13:18 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.17 10:13:18 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.17 10:13:18 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.17 09:57:47 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.16 23:57:26 | 000,001,205 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk
[2012.06.16 08:19:41 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.16 08:19:41 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.08 10:50:03 | 000,000,805 | ---- | M] () -- C:\Windows\ULEAD32.INI
[2012.05.19 23:32:50 | 000,002,232 | ---- | M] () -- C:\Users\Nadja\Desktop\Free Audio Converter.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
File not found -- C:\Windows\SysNative\
[2012.06.18 02:49:16 | 000,022,016 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\800000cb.@
[2012.06.18 01:19:40 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\80000000.@
[2012.06.18 01:19:40 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\00000001.@
[2012.06.17 23:46:42 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.19 23:32:50 | 000,002,232 | ---- | C] () -- C:\Users\Nadja\Desktop\Free Audio Converter.lnk
[2012.04.07 14:23:03 | 000,004,439 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\CamStudio.cfg
[2012.04.07 14:23:03 | 000,000,115 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\Camdata.ini
[2012.04.07 14:23:02 | 000,000,408 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\CamShapes.ini
[2012.04.07 14:23:02 | 000,000,408 | ---- | C] () -- C:\Users\Nadja\AppData\Roaming\CamLayout.ini
[2012.03.16 00:56:16 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.03.14 00:51:42 | 000,000,149 | ---- | C] () -- C:\Windows\MausII-Cfg.INI
[2012.01.11 21:48:05 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2012.01.11 10:54:40 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\@
[2012.01.11 10:54:40 | 000,002,048 | -HS- | C] () -- C:\Users\Nadja\AppData\Local\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\@
[2011.11.16 09:52:10 | 000,001,890 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.11.16 09:52:10 | 000,000,088 | RHS- | C] () -- C:\ProgramData\B63FEA3E66.sys
[2011.05.29 10:11:59 | 000,714,526 | ---- | C] () -- C:\Windows\unins000.exe
[2011.05.29 10:11:59 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011.05.29 10:11:59 | 000,001,996 | ---- | C] () -- C:\Windows\unins000.dat
[2011.05.29 00:20:22 | 000,001,474 | ---- | C] () -- C:\Users\Nadja\AppData\Local\RecConfig.xml
[2011.05.28 11:07:37 | 000,005,632 | ---- | C] () -- C:\Users\Nadja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.27 22:57:59 | 001,591,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.11 10:32:30 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.03.11 10:32:30 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.02.26 23:21:18 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.02.26 23:20:56 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.02.22 20:33:33 | 000,000,805 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2011.02.14 14:03:25 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.02.01 16:37:40 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2011.01.29 18:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.01.29 18:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.01.29 18:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.01.29 18:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.01.24 05:57:11 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.12.31 01:51:07 | 000,017,408 | ---- | C] () -- C:\Users\Nadja\AppData\Local\WebpageIcons.db
[2010.12.29 01:12:59 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.12.29 01:12:56 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2010.12.29 01:12:56 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.12.29 01:12:56 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.12.29 01:12:55 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.12.29 00:59:53 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.10.08 08:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.07.13 00:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.07.12 22:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.07.12 22:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.07.12 22:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.07.12 22:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.07.12 22:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.07.12 22:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2010.07.12 22:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:AFF2E49F2F588B4A

< End of report >
         

Edited by Sabishii (18.06.2012 at 09:28)

18.06.2012, 09:27   #4
Sabishii
 



TDSS-Killer:

Code:
ATTFilter
09:13:58.0300 4524	TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
09:13:58.0393 4524	============================================================
09:13:58.0393 4524	Current date / time: 2012/06/18 09:13:58.0393
09:13:58.0393 4524	SystemInfo:
09:13:58.0393 4524	
09:13:58.0393 4524	OS Version: 6.1.7601 ServicePack: 1.0
09:13:58.0393 4524	Product type: Workstation
09:13:58.0393 4524	ComputerName: NADJA-NOTEBOOK
09:13:58.0393 4524	UserName: Nadja
09:13:58.0393 4524	Windows directory: C:\Windows
09:13:58.0393 4524	System windows directory: C:\Windows
09:13:58.0393 4524	Running under WOW64
09:13:58.0393 4524	Processor architecture: Intel x64
09:13:58.0393 4524	Number of processors: 4
09:13:58.0393 4524	Page size: 0x1000
09:13:58.0393 4524	Boot type: Normal boot
09:13:58.0393 4524	============================================================
09:13:58.0814 4524	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:13:58.0814 4524	============================================================
09:13:58.0814 4524	\Device\Harddisk0\DR0:
09:13:58.0814 4524	MBR partitions:
09:13:58.0814 4524	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1AA7000, BlocksNum 0x32000
09:13:58.0814 4524	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1AD9000, BlocksNum 0x388AC830
09:13:58.0814 4524	============================================================
09:13:58.0846 4524	C: <-> \Device\Harddisk0\DR0\Partition1
09:13:58.0846 4524	============================================================
09:13:58.0846 4524	Initialize success
09:13:58.0846 4524	============================================================
09:13:59.0953 7076	============================================================
09:13:59.0953 7076	Scan started
09:13:59.0953 7076	Mode: Manual; 
09:13:59.0953 7076	============================================================
09:14:00.0374 7076	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
09:14:00.0390 7076	1394ohci - ok
09:14:00.0484 7076	ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
09:14:00.0484 7076	ACDaemon - ok
09:14:00.0562 7076	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
09:14:00.0562 7076	ACPI - ok
09:14:00.0608 7076	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
09:14:00.0608 7076	AcpiPmi - ok
09:14:00.0702 7076	AdobeActiveFileMonitor8.0 (34400005de52842c4d6d4ee978b4d7ce) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
09:14:00.0702 7076	AdobeActiveFileMonitor8.0 - ok
09:14:00.0796 7076	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
09:14:00.0811 7076	adp94xx - ok
09:14:00.0874 7076	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
09:14:00.0874 7076	adpahci - ok
09:14:00.0936 7076	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
09:14:00.0952 7076	adpu320 - ok
09:14:00.0983 7076	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
09:14:00.0983 7076	AeLookupSvc - ok
09:14:01.0076 7076	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
09:14:01.0076 7076	AFD - ok
09:14:01.0123 7076	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
09:14:01.0139 7076	agp440 - ok
09:14:01.0529 7076	Akamai          (c775d704feb2b600a5bf7b0b088546af) c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll
09:14:01.0529 7076	Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
09:14:01.0529 7076	Akamai ( HiddenFile.Multi.Generic ) - warning
09:14:01.0529 7076	Akamai - detected HiddenFile.Multi.Generic (1)
09:14:01.0700 7076	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
09:14:01.0700 7076	ALG - ok
09:14:01.0763 7076	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
09:14:01.0763 7076	aliide - ok
09:14:01.0825 7076	AMD External Events Utility (3f9b03b72577a6a7405bf30801cbd159) C:\Windows\system32\atiesrxx.exe
09:14:01.0825 7076	AMD External Events Utility - ok
09:14:01.0872 7076	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
09:14:01.0888 7076	amdide - ok
09:14:01.0919 7076	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
09:14:01.0919 7076	AmdK8 - ok
09:14:02.0512 7076	amdkmdag        (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
09:14:02.0558 7076	amdkmdag - ok
09:14:02.0746 7076	amdkmdap        (dca6e341a4a7c31ea8a14c6166c9b249) C:\Windows\system32\DRIVERS\atikmpag.sys
09:14:02.0746 7076	amdkmdap - ok
09:14:02.0777 7076	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
09:14:02.0777 7076	AmdPPM - ok
09:14:02.0824 7076	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
09:14:02.0824 7076	amdsata - ok
09:14:02.0886 7076	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
09:14:02.0886 7076	amdsbs - ok
09:14:02.0917 7076	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
09:14:02.0917 7076	amdxata - ok
09:14:03.0026 7076	AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
09:14:03.0042 7076	AntiVirSchedulerService - ok
09:14:03.0089 7076	AntiVirService  (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
09:14:03.0089 7076	AntiVirService - ok
09:14:03.0182 7076	ApfiltrService  (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\drivers\Apfiltr.sys
09:14:03.0198 7076	ApfiltrService - ok
09:14:03.0245 7076	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
09:14:03.0245 7076	AppID - ok
09:14:03.0276 7076	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
09:14:03.0292 7076	AppIDSvc - ok
09:14:03.0323 7076	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
09:14:03.0338 7076	Appinfo - ok
09:14:03.0385 7076	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
09:14:03.0385 7076	arc - ok
09:14:03.0432 7076	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
09:14:03.0432 7076	arcsas - ok
09:14:03.0448 7076	ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
09:14:03.0448 7076	ArcSoftKsUFilter - ok
09:14:03.0572 7076	aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:14:03.0572 7076	aspnet_state - ok
09:14:03.0604 7076	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
09:14:03.0604 7076	AsyncMac - ok
09:14:03.0666 7076	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
09:14:03.0666 7076	atapi - ok
09:14:03.0822 7076	athr            (cca705cdf038d5bc243203ce4416b345) C:\Windows\system32\DRIVERS\athrx.sys
09:14:03.0853 7076	athr - ok
09:14:04.0555 7076	atikmdag        (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
09:14:04.0602 7076	atikmdag - ok
09:14:04.0820 7076	atksgt          (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
09:14:04.0836 7076	atksgt - ok
09:14:04.0930 7076	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:14:04.0945 7076	AudioEndpointBuilder - ok
09:14:04.0961 7076	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:14:04.0961 7076	AudioSrv - ok
09:14:05.0023 7076	avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
09:14:05.0023 7076	avgntflt - ok
09:14:05.0086 7076	avipbb          (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
09:14:05.0101 7076	avipbb - ok
09:14:05.0117 7076	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
09:14:05.0117 7076	avkmgr - ok
09:14:05.0195 7076	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
09:14:05.0195 7076	AxInstSV - ok
09:14:05.0257 7076	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
09:14:05.0273 7076	b06bdrv - ok
09:14:05.0320 7076	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:14:05.0335 7076	b57nd60a - ok
09:14:05.0382 7076	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
09:14:05.0398 7076	BDESVC - ok
09:14:05.0413 7076	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
09:14:05.0413 7076	Beep - ok
09:14:05.0522 7076	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
09:14:05.0522 7076	BFE - ok
09:14:05.0632 7076	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
09:14:05.0647 7076	BITS - ok
09:14:05.0710 7076	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
09:14:05.0710 7076	blbdrive - ok
09:14:05.0772 7076	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
09:14:05.0772 7076	bowser - ok
09:14:05.0803 7076	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
09:14:05.0819 7076	BrFiltLo - ok
09:14:05.0834 7076	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
09:14:05.0834 7076	BrFiltUp - ok
09:14:05.0881 7076	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
09:14:05.0881 7076	Browser - ok
09:14:05.0928 7076	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
09:14:05.0944 7076	Brserid - ok
09:14:05.0975 7076	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
09:14:05.0975 7076	BrSerWdm - ok
09:14:06.0022 7076	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:14:06.0022 7076	BrUsbMdm - ok
09:14:06.0053 7076	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
09:14:06.0053 7076	BrUsbSer - ok
09:14:06.0115 7076	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
09:14:06.0131 7076	BthEnum - ok
09:14:06.0146 7076	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
09:14:06.0146 7076	BTHMODEM - ok
09:14:06.0209 7076	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
09:14:06.0209 7076	BthPan - ok
09:14:06.0271 7076	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
09:14:06.0287 7076	BTHPORT - ok
09:14:06.0349 7076	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
09:14:06.0349 7076	bthserv - ok
09:14:06.0365 7076	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
09:14:06.0365 7076	BTHUSB - ok
09:14:06.0443 7076	btwampfl        (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys
09:14:06.0458 7076	btwampfl - ok
09:14:06.0490 7076	btwaudio        (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys
09:14:06.0490 7076	btwaudio - ok
09:14:06.0552 7076	btwavdt         (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\drivers\btwavdt.sys
09:14:06.0568 7076	btwavdt - ok
09:14:06.0739 7076	btwdins         (8ba6e93a182126781952a7895ec1e4b2) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:14:06.0755 7076	btwdins - ok
09:14:06.0802 7076	btwl2cap        (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
09:14:06.0817 7076	btwl2cap - ok
09:14:06.0848 7076	btwrchid        (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys
09:14:06.0848 7076	btwrchid - ok
09:14:06.0880 7076	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
09:14:06.0880 7076	cdfs - ok
09:14:06.0958 7076	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
09:14:06.0958 7076	cdrom - ok
09:14:07.0004 7076	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:14:07.0004 7076	CertPropSvc - ok
09:14:07.0051 7076	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
09:14:07.0051 7076	circlass - ok
09:14:07.0114 7076	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
09:14:07.0129 7076	CLFS - ok
09:14:07.0192 7076	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:14:07.0192 7076	clr_optimization_v2.0.50727_32 - ok
09:14:07.0238 7076	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:14:07.0238 7076	clr_optimization_v2.0.50727_64 - ok
09:14:07.0332 7076	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:14:07.0332 7076	clr_optimization_v4.0.30319_32 - ok
09:14:07.0379 7076	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:14:07.0379 7076	clr_optimization_v4.0.30319_64 - ok
09:14:07.0426 7076	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
09:14:07.0426 7076	CmBatt - ok
09:14:07.0472 7076	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
09:14:07.0472 7076	cmdide - ok
09:14:07.0550 7076	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
09:14:07.0566 7076	CNG - ok
09:14:07.0628 7076	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
09:14:07.0628 7076	Compbatt - ok
09:14:07.0675 7076	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
09:14:07.0675 7076	CompositeBus - ok
09:14:07.0691 7076	COMSysApp - ok
09:14:07.0706 7076	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
09:14:07.0722 7076	crcdisk - ok
09:14:07.0784 7076	CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
09:14:07.0784 7076	CryptSvc - ok
09:14:07.0862 7076	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:14:07.0862 7076	DcomLaunch - ok
09:14:07.0909 7076	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:14:07.0909 7076	defragsvc - ok
09:14:07.0972 7076	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
09:14:07.0972 7076	DfsC - ok
09:14:08.0018 7076	dgderdrv - ok
09:14:08.0081 7076	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
09:14:08.0081 7076	Dhcp - ok
09:14:08.0112 7076	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:14:08.0112 7076	discache - ok
09:14:25.0522 7076	sptd            (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\system32\Drivers\sptd.sys
09:14:25.0522 7076	Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34f974f8b3c86de03a30dcbe79091c97
09:14:25.0537 7076	sptd ( LockedFile.Multi.Generic ) - warning
09:14:25.0537 7076	sptd - detected LockedFile.Multi.Generic (1)
09:14:34.0913 7076	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:14:35.0537 7076	\Device\Harddisk0\DR0 - ok
09:14:35.0552 7076	Boot (0x1200)   (166f3974c1b00ef8ad1c2a6bdfafab78) \Device\Harddisk0\DR0\Partition0
09:14:35.0552 7076	\Device\Harddisk0\DR0\Partition0 - ok
09:14:35.0552 7076	Boot (0x1200)   (04b5292c98f9300b2cf612e6ae4a0609) \Device\Harddisk0\DR0\Partition1
09:14:35.0552 7076	\Device\Harddisk0\DR0\Partition1 - ok
09:14:35.0552 7076	============================================================
09:14:35.0552 7076	Scan finished
09:14:35.0552 7076	============================================================
09:14:35.0568 4412	Detected object count: 2
09:14:35.0568 4412	Actual detected object count: 2
09:14:55.0193 4412	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
09:14:55.0193 4412	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
09:14:55.0193 4412	sptd ( LockedFile.Multi.Generic ) - skipped by user
09:14:55.0193 4412	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
09:15:10.0528 2960	============================================================
09:15:10.0528 2960	Scan started
09:15:10.0528 2960	Mode: Manual; 
09:15:10.0528 2960	============================================================
09:15:11.0776 2960	Akamai          (c775d704feb2b600a5bf7b0b088546af) c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll
09:15:11.0776 2960	Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
09:15:11.0776 2960	Akamai ( HiddenFile.Multi.Generic ) - warning
09:15:11.0776 2960	Akamai - detected HiddenFile.Multi.Generic (1)
09:15:19.0482 2960	FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:15:19.0498 2960	FLEXnet Licensing Service - ok
09:15:19.0638 2960	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
09:15:19.0638 2960	flpydisk - ok
09:15:19.0701 2960	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
09:15:19.0716 2960	FltMgr - ok
09:15:19.0841 2960	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
09:15:19.0857 2960	FontCache - ok
09:15:19.0950 2960	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:15:19.0950 2960	FontCache3.0.0.0 - ok
09:15:19.0997 2960	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
09:15:20.0013 2960	FsDepends - ok
09:15:20.0044 2960	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
09:15:20.0044 2960	Fs_Rec - ok
09:15:20.0091 2960	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
09:15:20.0106 2960	fvevol - ok
09:15:20.0122 2960	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
09:15:20.0122 2960	gagp30kx - ok
09:15:20.0215 2960	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
09:15:20.0231 2960	gpsvc - ok
09:15:20.0262 2960	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
09:15:20.0262 2960	hcw85cir - ok
09:15:20.0325 2960	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
09:15:20.0340 2960	HdAudAddService - ok
09:15:20.0387 2960	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
09:15:20.0387 2960	HDAudBus - ok
09:15:20.0418 2960	HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
09:15:20.0434 2960	HECIx64 - ok
09:15:20.0465 2960	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
09:15:20.0465 2960	HidBatt - ok
09:15:20.0496 2960	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
09:15:20.0512 2960	HidBth - ok
09:15:20.0527 2960	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
09:15:20.0527 2960	HidIr - ok
09:15:20.0559 2960	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
09:15:20.0559 2960	hidserv - ok
09:15:20.0605 2960	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
09:15:20.0605 2960	HidUsb - ok
09:15:20.0637 2960	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
09:15:20.0652 2960	hkmsvc - ok
09:15:20.0699 2960	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
09:15:20.0715 2960	HomeGroupListener - ok
09:15:20.0761 2960	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
09:15:20.0761 2960	HomeGroupProvider - ok
09:15:20.0793 2960	HPMo4DE3        (502433044773567f6ce942f8e0a621ca) C:\Windows\system32\DRIVERS\HPMo4DE3.sys
09:15:20.0808 2960	HPMo4DE3 - ok
09:15:20.0839 2960	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
09:15:20.0855 2960	HpSAMD - ok
09:15:20.0871 2960	HPub4DE3        (a635ddb3ed98953bb4d42079017b4e30) C:\Windows\system32\Drivers\HPub4DE3.sys
09:15:20.0871 2960	HPub4DE3 - ok
09:15:20.0980 2960	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
09:15:20.0995 2960	HTTP - ok
09:15:21.0027 2960	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
09:15:21.0027 2960	hwpolicy - ok
09:15:21.0073 2960	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
09:15:21.0073 2960	i8042prt - ok
09:15:21.0151 2960	iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
09:15:21.0167 2960	iaStor - ok
09:15:21.0245 2960	IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
09:15:21.0245 2960	IAStorDataMgrSvc - ok
09:15:21.0307 2960	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
09:15:21.0323 2960	iaStorV - ok
09:15:21.0495 2960	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:15:21.0510 2960	idsvc - ok
09:15:22.0321 2960	igfx            (2a22ab054f4630d2ef4bab2853f6d5f6) C:\Windows\system32\DRIVERS\igdkmd64.sys
09:15:22.0524 2960	igfx - ok
09:15:22.0680 2960	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
09:15:22.0680 2960	iirsp - ok
09:15:22.0789 2960	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
09:15:22.0805 2960	IKEEXT - ok
09:15:22.0852 2960	Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
09:15:22.0852 2960	Impcd - ok
09:15:23.0117 2960	IntcAzAudAddService (26407a11d7e222afb7ce32700abbd9d1) C:\Windows\system32\drivers\RTKVHD64.sys
09:15:23.0164 2960	IntcAzAudAddService - ok
09:15:23.0335 2960	IntcDAud        (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
09:15:23.0335 2960	IntcDAud - ok
09:15:23.0367 2960	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
09:15:23.0382 2960	intelide - ok
09:15:23.0413 2960	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
09:15:23.0413 2960	intelppm - ok
09:15:23.0460 2960	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
09:15:23.0476 2960	IPBusEnum - ok
09:15:23.0507 2960	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:15:23.0523 2960	IpFilterDriver - ok
09:15:23.0569 2960	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
09:15:23.0569 2960	IPMIDRV - ok
09:15:23.0616 2960	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
09:15:23.0616 2960	IPNAT - ok
09:15:23.0632 2960	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
09:15:23.0632 2960	IRENUM - ok
09:15:23.0663 2960	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
09:15:23.0679 2960	isapnp - ok
09:15:23.0741 2960	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
09:15:23.0757 2960	iScsiPrt - ok
09:15:23.0772 2960	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
09:15:23.0788 2960	kbdclass - ok
09:15:23.0819 2960	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
09:15:23.0819 2960	kbdhid - ok
09:15:23.0866 2960	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:15:23.0866 2960	KeyIso - ok
09:15:23.0881 2960	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
09:15:23.0881 2960	KSecDD - ok
09:15:23.0913 2960	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
09:15:23.0913 2960	KSecPkg - ok
09:15:23.0959 2960	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
09:15:23.0959 2960	ksthunk - ok
09:15:24.0006 2960	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
09:15:24.0022 2960	KtmRm - ok
09:15:24.0084 2960	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
09:15:24.0084 2960	LanmanServer - ok
09:15:24.0131 2960	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
09:15:24.0147 2960	LanmanWorkstation - ok
09:15:24.0178 2960	lirsgt          (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
09:15:24.0178 2960	lirsgt - ok
09:15:24.0209 2960	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
09:15:24.0209 2960	lltdio - ok
09:15:24.0256 2960	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
09:15:24.0271 2960	lltdsvc - ok
09:15:24.0287 2960	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
09:15:24.0287 2960	lmhosts - ok
09:15:24.0396 2960	LMS             (3d23191672d83e90d1cf63927ee98136) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:15:24.0396 2960	LMS - ok
09:15:24.0443 2960	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
09:15:24.0443 2960	LSI_FC - ok
09:15:24.0459 2960	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
09:15:24.0474 2960	LSI_SAS - ok
09:15:24.0521 2960	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
09:15:24.0521 2960	LSI_SAS2 - ok
09:15:24.0537 2960	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
09:15:24.0537 2960	LSI_SCSI - ok
09:15:24.0583 2960	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
09:15:24.0583 2960	luafv - ok
09:15:24.0615 2960	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
09:15:24.0630 2960	Mcx2Svc - ok
09:15:24.0661 2960	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
09:15:24.0661 2960	megasas - ok
09:15:24.0724 2960	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
09:15:24.0724 2960	MegaSR - ok
09:15:24.0755 2960	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:15:24.0771 2960	MMCSS - ok
09:15:24.0786 2960	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:15:24.0786 2960	Modem - ok
09:15:24.0802 2960	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:15:24.0802 2960	monitor - ok
09:15:24.0817 2960	motmodem - ok
09:15:24.0849 2960	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
09:15:24.0849 2960	mouclass - ok
09:15:24.0895 2960	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:15:24.0895 2960	mouhid - ok
09:15:24.0927 2960	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
09:15:24.0927 2960	mountmgr - ok
09:15:24.0989 2960	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:15:24.0989 2960	MozillaMaintenance - ok
09:15:25.0036 2960	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
09:15:25.0051 2960	mpio - ok
09:15:25.0083 2960	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:15:25.0083 2960	mpsdrv - ok
09:15:25.0129 2960	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
09:15:25.0145 2960	MRxDAV - ok
09:15:25.0176 2960	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:15:25.0176 2960	mrxsmb - ok
09:15:25.0223 2960	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:15:25.0239 2960	mrxsmb10 - ok
09:15:25.0270 2960	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:15:25.0270 2960	mrxsmb20 - ok
09:15:25.0301 2960	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
09:15:25.0317 2960	msahci - ok
09:15:25.0363 2960	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
09:15:25.0363 2960	msdsm - ok
09:15:25.0410 2960	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
09:15:25.0426 2960	MSDTC - ok
09:15:25.0457 2960	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
09:15:25.0473 2960	Msfs - ok
09:15:25.0488 2960	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
09:15:25.0488 2960	mshidkmdf - ok
09:15:25.0519 2960	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
09:15:25.0519 2960	msisadrv - ok
09:15:25.0566 2960	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
09:15:25.0566 2960	MSiSCSI - ok
09:15:25.0566 2960	msiserver - ok
09:15:25.0597 2960	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
09:15:25.0597 2960	MSKSSRV - ok
09:15:25.0629 2960	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:15:25.0629 2960	MSPCLOCK - ok
09:15:25.0660 2960	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:15:25.0660 2960	MSPQM - ok
09:15:25.0722 2960	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
09:15:25.0722 2960	MsRPC - ok
09:15:25.0753 2960	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
09:15:25.0753 2960	mssmbios - ok
09:15:25.0769 2960	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:15:25.0785 2960	MSTEE - ok
09:15:25.0800 2960	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
09:15:25.0800 2960	MTConfig - ok
09:15:25.0831 2960	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
09:15:25.0831 2960	Mup - ok
09:15:25.0894 2960	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
09:15:25.0909 2960	napagent - ok
09:15:25.0956 2960	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:15:25.0972 2960	NativeWifiP - ok
09:15:26.0081 2960	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
09:15:26.0097 2960	NDIS - ok
09:15:26.0128 2960	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:15:26.0128 2960	NdisCap - ok
09:15:26.0159 2960	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:15:26.0159 2960	NdisTapi - ok
09:15:26.0206 2960	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
09:15:26.0206 2960	Ndisuio - ok
09:15:26.0221 2960	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
09:15:26.0237 2960	NdisWan - ok
09:15:26.0268 2960	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
09:15:26.0268 2960	NDProxy - ok
09:15:26.0299 2960	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:15:26.0299 2960	NetBIOS - ok
09:15:26.0362 2960	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
09:15:26.0377 2960	NetBT - ok
09:15:26.0409 2960	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:15:26.0409 2960	Netlogon - ok
09:15:26.0455 2960	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:15:26.0455 2960	Netman - ok
09:15:26.0596 2960	NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:15:26.0596 2960	NetMsmqActivator - ok
09:15:26.0611 2960	NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:15:26.0611 2960	NetPipeActivator - ok
09:15:26.0674 2960	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:15:26.0689 2960	netprofm - ok
09:15:26.0689 2960	NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:15:26.0689 2960	NetTcpActivator - ok
09:15:26.0689 2960	NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:15:26.0689 2960	NetTcpPortSharing - ok
09:15:26.0767 2960	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
09:15:26.0767 2960	nfrd960 - ok
09:15:26.0830 2960	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
09:15:26.0830 2960	NlaSvc - ok
09:15:26.0955 2960	NMIndexingService (a328a46d87bb92ce4d8a4528e9d84787) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
09:15:26.0970 2960	NMIndexingService - ok
09:15:27.0001 2960	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:15:27.0001 2960	Npfs - ok
09:15:27.0033 2960	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:15:27.0033 2960	nsi - ok
09:15:27.0048 2960	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:15:27.0048 2960	nsiproxy - ok
09:15:27.0235 2960	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
09:15:27.0251 2960	Ntfs - ok
09:15:27.0391 2960	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:15:27.0407 2960	Null - ok
09:15:27.0438 2960	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:15:27.0438 2960	nvraid - ok
09:15:27.0469 2960	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:15:27.0469 2960	nvstor - ok
09:15:27.0516 2960	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:15:27.0516 2960	nv_agp - ok
09:15:27.0563 2960	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:15:27.0563 2960	ohci1394 - ok
09:15:27.0641 2960	ose             (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:15:27.0657 2960	ose - ok
09:15:27.0688 2960	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:15:27.0703 2960	p2pimsvc - ok
09:15:27.0750 2960	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:15:27.0766 2960	p2psvc - ok
09:15:27.0813 2960	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
09:15:27.0813 2960	Parport - ok
09:15:27.0859 2960	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
09:15:27.0859 2960	partmgr - ok
09:15:27.0922 2960	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:15:27.0922 2960	PcaSvc - ok
09:15:27.0984 2960	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:15:27.0984 2960	pci - ok
09:15:28.0031 2960	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:15:28.0031 2960	pciide - ok
09:15:28.0078 2960	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
09:15:28.0078 2960	pcmcia - ok
09:15:28.0125 2960	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:15:28.0125 2960	pcw - ok
09:15:28.0203 2960	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:15:28.0234 2960	PEAUTH - ok
09:15:28.0327 2960	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:15:28.0327 2960	PerfHost - ok
09:15:28.0561 2960	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:15:28.0593 2960	pla - ok
09:15:28.0655 2960	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:15:28.0671 2960	PlugPlay - ok
09:15:28.0795 2960	PMBDeviceInfoProvider (80e85394d8cd7f84340b1c6f4b9d698f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
09:15:28.0811 2960	PMBDeviceInfoProvider - ok
09:15:28.0827 2960	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:15:28.0842 2960	PNRPAutoReg - ok
09:15:28.0873 2960	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:15:28.0873 2960	PNRPsvc - ok
09:15:28.0951 2960	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:15:28.0951 2960	PolicyAgent - ok
09:15:29.0014 2960	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:15:29.0014 2960	Power - ok
09:15:29.0076 2960	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:15:29.0092 2960	PptpMiniport - ok
09:15:29.0123 2960	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
09:15:29.0123 2960	Processor - ok
09:15:29.0170 2960	ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
09:15:29.0185 2960	ProfSvc - ok
09:15:29.0232 2960	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:15:29.0232 2960	ProtectedStorage - ok
09:15:29.0279 2960	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:15:29.0279 2960	Psched - ok
09:15:29.0310 2960	PxHlpa64        (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
09:15:29.0310 2960	PxHlpa64 - ok
09:15:29.0466 2960	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
09:15:29.0482 2960	ql2300 - ok
09:15:29.0653 2960	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
09:15:29.0653 2960	ql40xx - ok
09:15:29.0700 2960	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:15:29.0700 2960	QWAVE - ok
09:15:29.0731 2960	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:15:29.0731 2960	QWAVEdrv - ok
09:15:29.0763 2960	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:15:29.0763 2960	RasAcd - ok
09:15:29.0794 2960	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:15:29.0794 2960	RasAgileVpn - ok
09:15:29.0809 2960	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:15:29.0825 2960	RasAuto - ok
09:15:29.0856 2960	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:15:29.0872 2960	Rasl2tp - ok
09:15:29.0903 2960	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:15:29.0919 2960	RasMan - ok
09:15:29.0950 2960	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:15:29.0950 2960	RasPppoe - ok
09:15:29.0965 2960	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:15:29.0981 2960	RasSstp - ok
09:15:30.0028 2960	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:15:30.0043 2960	rdbss - ok
09:15:30.0075 2960	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
09:15:30.0075 2960	rdpbus - ok
09:15:30.0090 2960	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:15:30.0090 2960	RDPCDD - ok
09:15:30.0106 2960	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:15:30.0106 2960	RDPENCDD - ok
09:15:30.0121 2960	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:15:30.0137 2960	RDPREFMP - ok
09:15:30.0184 2960	RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
09:15:30.0184 2960	RDPWD - ok
09:15:30.0246 2960	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:15:30.0246 2960	rdyboost - ok
09:15:30.0277 2960	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:15:30.0277 2960	RemoteAccess - ok
09:15:30.0324 2960	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:15:30.0324 2960	RemoteRegistry - ok
09:15:30.0371 2960	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
09:15:30.0371 2960	RFCOMM - ok
09:15:30.0402 2960	rimspci         (fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys
09:15:30.0418 2960	rimspci - ok
09:15:30.0433 2960	risdsnpe        (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys
09:15:30.0433 2960	risdsnpe - ok
09:15:30.0449 2960	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:15:30.0465 2960	RpcEptMapper - ok
09:15:30.0496 2960	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:15:30.0496 2960	RpcLocator - ok
09:15:30.0574 2960	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:15:30.0574 2960	RpcSs - ok
09:15:30.0605 2960	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:15:30.0621 2960	rspndr - ok
09:15:30.0667 2960	RTHDMIAzAudService (c20f64fcd5e2b40310a1774495877acd) C:\Windows\system32\drivers\RtHDMIVX.sys
09:15:30.0667 2960	RTHDMIAzAudService - ok
09:15:30.0714 2960	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:15:30.0714 2960	SamSs - ok
09:15:30.0745 2960	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:15:30.0761 2960	sbp2port - ok
09:15:30.0917 2960	SBSDWSCService  (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
09:15:30.0933 2960	SBSDWSCService - ok
09:15:30.0979 2960	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:15:30.0995 2960	SCardSvr - ok
09:15:31.0042 2960	SCDEmu          (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys
09:15:31.0057 2960	SCDEmu - ok
09:15:31.0089 2960	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:15:31.0089 2960	scfilter - ok
09:15:31.0213 2960	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:15:31.0229 2960	Schedule - ok
09:15:31.0307 2960	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:15:31.0307 2960	SCPolicySvc - ok
09:15:31.0354 2960	sdbus           (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
09:15:31.0369 2960	sdbus - ok
09:15:31.0416 2960	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:15:31.0432 2960	SDRSVC - ok
09:15:31.0463 2960	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:15:31.0463 2960	secdrv - ok
09:15:31.0494 2960	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:15:31.0494 2960	seclogon - ok
09:15:31.0525 2960	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:15:31.0525 2960	SENS - ok
09:15:31.0557 2960	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:15:31.0557 2960	SensrSvc - ok
09:15:31.0572 2960	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
09:15:31.0588 2960	Serenum - ok
09:15:31.0619 2960	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
09:15:31.0619 2960	Serial - ok
09:15:31.0666 2960	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
09:15:33.0460 2960	sptd            (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\system32\Drivers\sptd.sys
09:15:33.0460 2960	Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34f974f8b3c86de03a30dcbe79091c97
09:15:33.0460 2960	sptd ( LockedFile.Multi.Generic ) - warning
09:15:33.0460 2960	sptd - detected LockedFile.Multi.Generic (1)
09:15:42.0461 2960	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:15:43.0116 2960	\Device\Harddisk0\DR0 - ok
09:15:43.0116 2960	Boot (0x1200)   (166f3974c1b00ef8ad1c2a6bdfafab78) \Device\Harddisk0\DR0\Partition0
09:15:43.0116 2960	\Device\Harddisk0\DR0\Partition0 - ok
09:15:43.0132 2960	Boot (0x1200)   (04b5292c98f9300b2cf612e6ae4a0609) \Device\Harddisk0\DR0\Partition1
09:15:43.0132 2960	\Device\Harddisk0\DR0\Partition1 - ok
09:15:43.0132 2960	============================================================
09:15:43.0132 2960	Scan finished
09:15:43.0132 2960	============================================================
09:15:43.0147 6812	Detected object count: 2
09:15:43.0147 6812	Actual detected object count: 2
09:16:05.0327 6812	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
09:16:05.0327 6812	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
09:16:05.0327 6812	sptd ( LockedFile.Multi.Generic ) - skipped by user
09:16:05.0327 6812	sptd ( LockedFile.Multi.Generic ) - User select action: Skip
         

18.06.2012, 10:15   #5
Chris4You



Hi,

what kind of DHCP address is that (172.16.16.19)?

Defogger
Please download defogger by jpshortstuff to your desktop.
  • Start the tool with a double-click. Vista users: please right-click and choose "Run as administrator".
  • Now click the Disable button to deactivate the drivers of certain emulators.
  • When the scan has finished (Finished), click OK.
  • Defogger will now ask for a restart. Confirm this with OK.
  • DeFogger now creates a log file on the desktop (defogger_disable).
Please post the contents of the log file in your next reply. When we have finished the cleanup, please start defogger again and click the Re-enable button.

Fix for OTL:
  • Double-click OTL.exe to run the program.
  • Vista/Win7 users: please right-click and start it with "Run as administrator".
  • Copy the complete contents of the following code box into the OTL box under "Custom Scan/Fixes"

Code:
ATTFilter
:OTL
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
[2012.06.18 02:49:16 | 000,022,016 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\800000cb.@
[2012.06.18 01:19:40 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\80000000.@
[2012.06.18 01:19:40 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U\00000001.@
[2012.06.18 01:19:40 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\U
[2012.01.11 10:54:40 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\@
[2012.01.11 10:54:40 | 000,002,048 | -HS- | C] () -- C:\Users\Nadja\AppData\Local\{f9365b67-4dbf-fa77-e471-0b88407f90f7}\@
@Alternate Data Stream - 24 bytes -> C:\Windows:AFF2E49F2F588B4A

:Commands
[emptytemp]
[Reboot]
         
  • Click the red Run Fixes! button.
  • Please copy everything out of the results window (Results).
  • A copy of an OTL fix log is saved as a text file in the following folder:
  • %systemroot%\_OTL

Please check the following files:

Have files checked online:
  • Go to the VirusTotal site, click the "Browse" button and look for the following file(s):
Code:
ATTFilter
C:\ProgramData\B63FEA3E66.sys
C:\Windows\SysWow64\TAKDSDecoder.dll
         
  • Now upload each file, one after another, and wait until the scan is finished (this can take up to 2 minutes).
  • Afterwards post the result of the analysis: copy everything and paste it into a post.
  • Important: also copy the file size and the HASH!

Combofix
Download Combo Fix from http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.

Caution: In a few rare cases the computer may no longer be able to boot and has to be set up again from scratch!

Close all windows, start combofix.exe, confirm the following prompt with 1 and press Enter.

The scan with Combofix can take some time, so be patient. During the scan please do nothing on the computer.
The computer may be restarted in between.
After the scan finishes, a report (ComboFix.txt) is displayed; please copy it and paste it into your thread. You should find the log at C:\ComboFix.txt...

If CF hangs, boot into safe mode (F8 while booting) and then let it run!

chris


Edited by Chris4You (18.06.2012 at 10:22)

18.06.2012, 10:26   #6
Sabishii



Phew, hold on a moment!
Unfortunately my question about what I should do with the Malwarebytes findings seems to have got lost! Delete them or leave them in quarantine?
That would probably be good to know before I carry on at this point.

The DHCP address somehow means nothing at all to me, which could also be because I don't know much about Internet settings... Sorry! :,-(

Edited by Sabishii (18.06.2012 at 10:31)

18.06.2012, 10:32   #7
Chris4You



Hi,

regarding the question about MAM: leave them in quarantine...
Then we should also have OTL correct it (the DHCP address).
Add the following line to the OTL script:
Code:
ATTFilter
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 172.16.16.19
         
Also, you posted the OTL log twice; the "EXTRA" log is missing...

chris
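The name-server question raised in the two replies above (172.16.16.19 and the O17 line), as an added example that is not part of the original posts or of OTL: it parses O17 lines in the format shown in the thread and lists every name server the analyst has not yet confirmed with the user. The confirmed router address 192.168.178.1, the second interface GUID and 203.0.113.53 are constructed sample values.

```python
import ipaddress
import re

# O17 entries as they appear in an OTL log: registry key, value name, address list.
O17_RE = re.compile(
    r"^O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters"
    r"(?:\\Interfaces\\(?P<iface>\{[0-9A-Fa-f-]{36}\}))?"
    r": (?P<name>DhcpNameServer|NameServer) = (?P<value>.+)$"
)

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample log; only the second line is taken from the thread.
SAMPLE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 172.16.16.19
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11111111-2222-3333-4444-555555555555}: NameServer = 203.0.113.53,192.168.178.1
"""


def parse_o17(log_text):
    """Return (interface, value name, [servers]) for every O17 name-server line."""
    entries = []
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if m:
            # The registry stores several servers separated by spaces or commas.
            servers = [s for s in re.split(r"[,\s]+", m.group("value")) if s]
            entries.append((m.group("iface") or "(global)", m.group("name"), servers))
    return entries


def unconfirmed_resolvers(entries, confirmed):
    """List name servers that are not in the set the user has confirmed.

    A private address only says the resolver sits on a local network; it still
    has to match a device the user recognises (normally the router). An address
    outside the private ranges has to match the provider or a resolver the user
    configured on purpose.
    """
    known = {ipaddress.ip_address(a) for a in confirmed}
    findings = []
    for iface, name, servers in entries:
        for server in servers:
            try:
                ip = ipaddress.ip_address(server)
            except ValueError:
                findings.append((iface, name, server, "not an IP address"))
                continue
            if ip in known:
                continue
            if ip.version == 4 and any(ip in net for net in RFC1918):
                scope = "private"
            else:
                scope = "non-private"
            findings.append((iface, name, server, scope))
    return findings


if __name__ == "__main__":
    # Assumption: the user has confirmed that 192.168.178.1 is their router.
    for finding in unconfirmed_resolvers(parse_o17(SAMPLE_LOG), {"192.168.178.1"}):
        print("ask the user about:", *finding)
```
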

18.06.2012, 10:36   #8
Sabishii



Thanks, I'll go and fight my way through that then.

I posted the log file twice? ... Damn. Sorry, I'm really frazzled...

This is the Extras file:

Code:
ATTFilter
OTL Extras logfile created on: 18.06.2012 09:01:14 - Run 1
OTL by OldTimer - Version 3.2.49.0     Folder = C:\Users\Nadja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 56,28% Memory free
11,58 Gb Paging File | 9,55 Gb Available in Paging File | 82,49% Paging File free
Paging file location(s): c:\pagefile.sys 7905 7905 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,34 Gb Total Space | 368,02 Gb Free Space | 81,36% Space Free | Partition Type: NTFS
 
Computer Name: NADJA-NOTEBOOK | User Name: Nadja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe ()
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.reg [@ = regfile] -- C:\Windows\regedit.exe ()
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1" ()
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1" ()
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\River Past\Wave@MP3\WaveAtMp3.exe" = C:\Program Files\River Past\Wave@MP3\WaveAtMp3.exe:*:Enabled:River Past Wave@MP3
"C:\Program Files\River Past\Audio Converter\AudioConverter.exe" = C:\Program Files\River Past\Audio Converter\AudioConverter.exe:*:Enabled:River Past Audio Converter
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Program Files\River Past\Wave@MP3\WaveAtMp3.exe" = C:\Program Files\River Past\Wave@MP3\WaveAtMp3.exe:*:Enabled:River Past Wave@MP3
"C:\Program Files\River Past\Audio Converter\AudioConverter.exe" = C:\Program Files\River Past\Audio Converter\AudioConverter.exe:*:Enabled:River Past Audio Converter
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{10E14C74-0638-4996-ABAD-BBF7A6CF1FAA}" = PMB VAIO Edition plug-in (Click to Disc)
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64
"{1E37FC84-799E-481B-9462-3489861E36C9}" = PMB VAIO Edition plug-in (Click to Disc)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{259FD439-13B0-0136-D0A0-FA89BB05831D}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C6239-B940-E150-B478-CD505F27879F}" = ATI Catalyst Install Manager
"{9B481FA4-F9BC-4E81-A9C5-CAEF3DD3130E}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A2422B02-0D41-43F5-B62E-C7A5E55FCBA8}" = Vegas Pro 9.0 (64-bit)
"{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F8851548-5D13-E66E-6607-E6D795F7B28B}" = ccc-utility64
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00659A90-8645-C0C1-FA31-2AA63016E48A}" = CCC Help Chinese Standard
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{07B7598E-1FB8-1A95-7A30-F534A55726B4}" = CCC Help Czech
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{0ABA6238-1A62-FFC6-9ACC-4DB9FEFB6A6E}" = CCC Help Spanish
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{159E5135-4BEA-52B7-8CDC-823F1ED6D8A5}" = CCC Help Spanish
"{15EB20D6-5F13-41D0-BEF9-C9C44D6AC620}" = SDFormatter
"{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25E6D9E3-3CA4-D2CF-6F18-9A08C4FF2885}" = CCC Help English
"{265F0D95-A883-7162-0458-B78085B6B693}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 25
"{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{35111E7A-03B9-25EC-F434-A1CD976907FC}" = CCC Help Chinese Traditional
"{36C36970-394C-40C4-E11B-7CF635AFB989}" = CCC Help Hungarian
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37AB6736-3C58-B2AD-9232-BBCF074F9A9C}" = Catalyst Control Center
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3FAF398F-CCD0-AC9F-2345-A473D1AE077B}" = CCC Help Chinese Traditional
"{427E8AD0-A4B1-D225-836E-CCB6068B490A}" = CCC Help French
"{44D25B45-5C0E-2187-6739-E2FA0E8AFE1D}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus
"{4CEBF3CF-1119-3902-4D37-A9274DDB54E1}" = CCC Help Danish
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{4E6DF745-C99E-909F-BCF0-B7C24A51E56E}" = CCC Help Japanese
"{4F3A978C-35D6-8FDF-4D00-50F5D659D3BB}" = CCC Help German
"{4FD59143-0B17-CCC6-CEFD-C745955A70C7}" = CCC Help Korean
"{5078F3C0-4920-49BB-8FF8-F4794D5BEA95}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{528EE462-2993-51F9-9F68-7C9F9BD7DCC3}" = CCC Help Italian
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5736590B-36C7-4881-5EBE-F9B390F00774}" = Catalyst Control Center Core Implementation
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60C5FF36-67E1-6B1D-781F-579C30BE41AA}" = CCC Help French
"{61F569A3-1647-B6F4-08C8-40A011831827}" = CCC Help English
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69C302CE-8972-1637-6857-F73A08052054}" = CCC Help Polish
"{6A3F204B-323C-7E32-F890-A7308768728D}" = CCC Help Russian
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7002773F-2A53-E9F2-E161-DB3DDA0F05BE}" = CCC Help Hungarian
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72F77561-7DD8-4D01-6698-16DFDCCBCED6}" = CCC Help Czech
"{73E80655-FB3C-46F4-BE00-62D248BC490A}" = Visual C++ 2008 Runtime (x64)
"{760B29F2-8663-419B-A025-5A55066E130B}" = Ulead Photo Express 6

"{76DECE17-BCF5-9640-2854-3CA049834A40}" = CCC Help Chinese Standard
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A63F0C4-6B2B-694C-ED72-D0670612BC29}" = CCC Help Swedish
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 
"{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool
"{82225685-1513-4975-B624-155C10F3EE16}" = The Whispered World
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{83BCDD54-0B5A-8C86-4E7E-A16F3CE60B81}" = Catalyst Control Center Localization All
"{84123D75-4CD1-8E59-3B05-4928F122FCC2}" = CCC Help Russian
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88001121-87E2-2104-F9F5-ECC15DFCA1E0}" = Catalyst Control Center Graphics Full Existing
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 ESD
"{8D261060-84D3-FCF3-177D-969A30DB7FAA}" = Catalyst Control Center InstallProxy
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EB34C0B-AF54-F265-844C-3E6FA9AE2FCD}" = CCC Help German
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C73041C-AB71-995D-EEC7-B4E940F93F36}" = CCC Help Finnish
"{9CCA7C1A-6308-4F12-AEDD-D230CAAF847E}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{A0E583D1-23F7-4C35-9620-B169D7715E4B}" = Adobe Premiere Elements 8.0
"{A20548C1-4B08-C41D-A3A8-FE8C933C2A00}" = Catalyst Control Center InstallProxy
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite DCP-135C
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = 
"{A8D53A4E-77A1-E23E-A396-6D9C86A2F273}" = Catalyst Control Center Graphics Full New
"{ABE130EB-EC1A-0500-B607-D1AA01082308}" = CCC Help Thai
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.7 - Deutsch
"{ACBA6D88-0035-E98C-A678-BF60D063ECA1}" = CCC Help Dutch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2DB5CE2-5A7B-B321-3C29-F54D235C811F}" = CCC Help Norwegian
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2012.build.50 (February 21st, 2012) Version v2012.buil
"{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus
"{BA12FD6D-169A-11D7-A6A9-00C026281E5A}" = Twin USB Vibration Gamepad
"{BFF37C6E-D735-4487-390C-271E030AA62C}" = CCC Help Italian
"{C2E171F6-9B58-4CE1-7B8B-B69FA04EBAB8}" = Catalyst Control Center Graphics Previews Vista
"{C42AA487-8DB6-EEDF-0DA5-27B2B710671E}" = Catalyst Control Center Graphics Previews Common
"{C459D829-0FF0-C210-B2BF-83DB63FC1D61}" = CCC Help Korean
"{C5529BC1-C2BF-44E8-B62A-01913D70081C}" = Catalyst Control Center - Branding
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = 
"{C83B7CBB-C736-BF46-9832-7A9D07E9D94C}" = CCC Help Polish
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CD99FD27-BC00-07F3-91A3-E130C4CE78F5}" = CCC Help Turkish
"{CDF450C8-4B6E-1ED1-6F2D-E68597E154FE}" = CCC Help Finnish
"{CF097717-F174-4144-954A-FBC4BF301031}" = Nero 7 Premium
"{CFB66DB0-00AC-4CBC-B99D-99EFEB03743C}" = PMB VAIO Edition plug-in (Click to Disc)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D49989B0-7BC2-F7F1-8017-3257F617347A}" = Catalyst Control Center Graphics Previews Common
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D6DEC295-88A0-5CFA-0B29-C8FDF091FFD3}" = CCC Help Dutch
"{D9670A80-DED7-44FE-9B8C-94CEA3F7E035}" = VAIO - Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DF693121-40C0-3020-D655-612E51616423}" = CCC Help Danish
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5A8A937-0D7F-9E53-820B-F28FD400026D}" = CCC Help Swedish
"{EBDDC3CC-343A-C0DD-79BA-8A12D0A2CA10}" = CCC Help Turkish
"{ECF0D151-BCA0-8E6D-62DB-5D44DB4A3836}" = CCC Help Thai
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1B95046-E9DA-CFEC-42A8-C8224646AA32}" = ccc-core-static
"{F30FE437-0E45-D409-F629-5D86960A6591}" = CCC Help Norwegian
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.25)
"{F5CC9A13-6C57-4948-75A8-3A2C92A3183B}" = Catalyst Control Center Localization All
"{F67C14C0-D73E-C55B-E132-B1904A1A709C}" = CCC Help Greek
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F84E8B79-E754-81D8-BBD6-BC8C622AE382}" = CCC Help Portuguese
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FAED5381-DDC7-7002-07A8-CC45828D84DA}" = CCC Help Greek
"{FB04F74B-20AF-D902-250F-EBC2F7C6D5D4}" = CCC Help Japanese
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.80
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"EdenEternal-DE" = EdenEternal-DE
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Free Audio Converter_is1" = Free Audio Converter version 5.0.11.504
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.6.221
"Game Booster_is1" = Game Booster 3
"GoldWave v5.58" = GoldWave v5.58
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = VAIO - PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{5078F3C0-4920-49BB-8FF8-F4794D5BEA95}" = VAIO - PMB VAIO Edition plug-in (VAIO Movie Story)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{9CCA7C1A-6308-4F12-AEDD-D230CAAF847E}" = VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer)
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"Macro Express 3" = Macro Express 3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MausII" = MausII
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"Opera 11.64.1403" = Opera 11.64
"PowerISO" = PowerISO
"PremElem80" = Adobe Premiere Elements 8.0
"SpeedFan" = SpeedFan (remove only)
"splashtop" = VAIO Quick Web Access
"Ulead Photo Express 2.0" = Ulead Photo Express 2.0
"VAIO Help and Support" = 
"VAIO screensaver" = VAIO screensaver
"VLC media player" = VLC media player 1.1.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"I-Doser v4" = I-Doser v4
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.06.2012 20:58:48 | Computer Name = Nadja-Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/06/18 02:58:48.150]: [00003612]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 17.06.2012 20:58:49 | Computer Name = Nadja-Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/06/18 02:58:49.695]: [00003612]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 17.06.2012 20:58:51 | Computer Name = Nadja-Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/06/18 02:58:51.239]: [00003612]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 17.06.2012 20:58:52 | Computer Name = Nadja-Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/06/18 02:58:52.783]: [00003612]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 17.06.2012 20:58:54 | Computer Name = Nadja-Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/06/18 02:58:54.328]: [00003612]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 17.06.2012 20:58:55 | Computer Name = Nadja-Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/06/18 02:58:55.872]: [00003612]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 17.06.2012 20:58:57 | Computer Name = Nadja-Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/06/18 02:58:57.417]: [00003612]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 17.06.2012 20:58:58 | Computer Name = Nadja-Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/06/18 02:58:58.961]: [00003612]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 17.06.2012 20:59:00 | Computer Name = Nadja-Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/06/18 02:59:00.505]: [00003612]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 17.06.2012 20:59:02 | Computer Name = Nadja-Notebook | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/06/18 02:59:02.050]: [00003612]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
[ System Events ]
Error - 14.06.2012 04:41:32 | Computer Name = Nadja-Notebook | Source = bowser | ID = 8003
Description = 
 
Error - 14.06.2012 08:56:53 | Computer Name = Nadja-Notebook | Source = bowser | ID = 8003
Description = 
 
Error - 14.06.2012 11:33:06 | Computer Name = Nadja-Notebook | Source = bowser | ID = 8003
Description = 
 
Error - 14.06.2012 16:33:30 | Computer Name = Nadja-Notebook | Source = bowser | ID = 8003
Description = 
 
Error - 15.06.2012 05:10:43 | Computer Name = Nadja-Notebook | Source = bowser | ID = 8003
Description = 
 
Error - 16.06.2012 07:28:02 | Computer Name = Nadja-Notebook | Source = bowser | ID = 8003
Description = 
 
Error - 16.06.2012 16:13:43 | Computer Name = Nadja-Notebook | Source = bowser | ID = 8003
Description = 
 
Error - 16.06.2012 17:10:48 | Computer Name = Nadja-Notebook | Source = bowser | ID = 8003
Description = 
 
Error - 17.06.2012 04:54:02 | Computer Name = Nadja-Notebook | Source = bowser | ID = 8003
Description = 
 
Error - 18.06.2012 02:38:12 | Computer Name = Nadja-Notebook | Source = VDS Basic Provider | ID = 33554433
Description = 
 
 
< End of report >
         

EDIT:
Oh great.. After I just used Defogger and it wanted to do a restart, I got a bluescreen when the system booted up again. Now the laptop is resetting itself to a restore point, in the hope that it will then boot properly again. Just the right thing for a nervous person like me. *freaking out*

Um.. Okay.. Now that is strange.
After the laptop reset itself to a restore date from God-knows-when, all the malware has vanished without a trace.

Neither Malwarebytes nor Spybot nor AntiVir finds anything any more.

Of course I don't quite trust the peace yet, so one question:
What now? Another scan with OTL?

Last edited by Sabishii (18.06.2012 at 10:51)
