| |
| |||||||
Log-Analyse und Auswertung: Virenmeldung- hier die LogsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte. |
 |
18.07.2012, 20:00
| #1 |
 |  Virenmeldung- hier die Logs Hallo, bei meinem letzten Standardscan von Avira kamen leider ein paar Meldungen und ich sollte etwas in Quarantäne verschieben. Habe daher anschließend ein paar Scans mit den hier empfohlenen Programmen durchgeführt und würde mich über eine Auswertung der Logs freuen. Vielen Dank! OTL-Log ist im Anhang, Malewarebytes findet nichts. Hier der ESET-Log: ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=dcfba92e6655b24c8e9eafbd16580a98 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-07-18 06:28:06 # local_time=2012-07-18 08:28:06 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 22363067 22363067 0 0 # compatibility_mode=5893 16776573 100 94 27081 94255845 0 0 # compatibility_mode=8192 67108863 100 0 188 188 0 0 # scanned=176064 # found=0 # cleaned=0 # scan_time=10090 |
|
23.07.2012, 08:44
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Virenmeldung- hier die LogsZitat:
__________________ |
|
26.07.2012, 23:17
| #3 |
| | Virenmeldung- hier die Logs Hallo, danke für deine Antwort. Der Log von Avira ist hier:
__________________Avira Free Antivirus Erstellungsdatum der Reportdatei: Mittwoch, 18. Juli 2012 04:09 Es wird nach 3866964 Virenstämmen gesucht. Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Avira AntiVir Personal - Free Antivirus Seriennummer : 0000149996-ADJIE-0000001 Plattform : Windows 7 Home Premium Windowsversion : (Service Pack 1) [6.1.7601] Boot Modus : Normal gebootet Benutzername : SYSTEM Computername : SONYVAIO Versionsinformationen: BUILD.DAT : 12.0.0.1125 41829 Bytes 02.05.2012 16:34:00 AVSCAN.EXE : 12.3.0.15 466896 Bytes 13.05.2012 07:47:04 AVSCAN.DLL : 12.3.0.15 66256 Bytes 13.05.2012 07:47:04 LUKE.DLL : 12.3.0.15 68304 Bytes 13.05.2012 07:47:04 AVSCPLR.DLL : 12.3.0.14 97032 Bytes 13.05.2012 07:47:05 AVREG.DLL : 12.3.0.17 232200 Bytes 13.05.2012 07:47:05 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 19:18:34 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 10:07:39 VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 02:06:47 VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 22:23:35 VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 10:47:19 VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 17:24:15 VBASE006.VDF : 7.11.34.117 2048 Bytes 29.06.2012 17:24:15 VBASE007.VDF : 7.11.34.118 2048 Bytes 29.06.2012 17:24:18 VBASE008.VDF : 7.11.34.119 2048 Bytes 29.06.2012 17:24:18 VBASE009.VDF : 7.11.34.120 2048 Bytes 29.06.2012 17:24:19 VBASE010.VDF : 7.11.34.121 2048 Bytes 29.06.2012 17:24:19 VBASE011.VDF : 7.11.34.122 2048 Bytes 29.06.2012 17:24:20 VBASE012.VDF : 7.11.34.123 2048 Bytes 29.06.2012 17:24:20 VBASE013.VDF : 7.11.34.124 2048 Bytes 29.06.2012 17:24:21 VBASE014.VDF : 7.11.34.201 169472 Bytes 02.07.2012 16:05:03 VBASE015.VDF : 7.11.35.19 122368 Bytes 04.07.2012 16:05:06 VBASE016.VDF : 7.11.35.87 146944 Bytes 06.07.2012 16:05:10 VBASE017.VDF : 7.11.35.143 126464 Bytes 09.07.2012 16:05:06 VBASE018.VDF : 7.11.35.235 151552 Bytes 12.07.2012 16:05:13 VBASE019.VDF : 7.11.35.236 2048 Bytes 12.07.2012 16:05:15 VBASE020.VDF : 7.11.35.237 2048 Bytes 12.07.2012 16:05:17 VBASE021.VDF : 7.11.35.238 2048 Bytes 12.07.2012 16:05:18 VBASE022.VDF : 7.11.35.239 2048 Bytes 12.07.2012 16:05:18 VBASE023.VDF : 7.11.35.240 2048 Bytes 12.07.2012 16:05:21 VBASE024.VDF : 7.11.35.241 2048 Bytes 12.07.2012 16:05:21 VBASE025.VDF : 7.11.35.242 2048 Bytes 12.07.2012 16:05:25 VBASE026.VDF : 7.11.35.243 2048 Bytes 12.07.2012 16:05:25 VBASE027.VDF : 7.11.35.244 2048 Bytes 12.07.2012 16:05:26 VBASE028.VDF : 7.11.35.245 2048 Bytes 12.07.2012 16:05:27 VBASE029.VDF : 7.11.35.246 2048 Bytes 12.07.2012 16:05:28 VBASE030.VDF : 7.11.35.247 2048 Bytes 12.07.2012 16:05:30 VBASE031.VDF : 7.11.36.10 69632 Bytes 12.07.2012 16:06:19 Engineversion : 8.2.10.110 AEVDF.DLL : 8.1.2.10 102772 Bytes 10.07.2012 16:07:18 AESCRIPT.DLL : 8.1.4.32 455034 Bytes 08.07.2012 16:06:03 AESCN.DLL : 8.1.8.2 131444 Bytes 27.01.2012 15:47:17 AESBX.DLL : 8.2.5.12 606578 Bytes 01.07.2012 17:25:06 AERDL.DLL : 8.1.9.15 639348 Bytes 08.09.2011 22:16:06 AEPACK.DLL : 8.3.0.12 807286 Bytes 10.07.2012 16:07:01 AEOFFICE.DLL : 8.1.2.40 201082 Bytes 01.07.2012 17:25:00 AEHEUR.DLL : 8.1.4.64 5009782 Bytes 08.07.2012 16:06:00 AEHELP.DLL : 8.1.23.2 258422 Bytes 01.07.2012 17:24:42 AEGEN.DLL : 8.1.5.32 434548 Bytes 08.07.2012 16:05:26 AEEXP.DLL : 8.1.0.62 86389 Bytes 11.07.2012 16:04:52 AEEMU.DLL : 8.1.3.2 393587 Bytes 10.07.2012 16:05:48 AECORE.DLL : 8.1.27.2 201078 Bytes 10.07.2012 16:05:38 AEBB.DLL : 8.1.1.0 53618 Bytes 01.09.2011 22:46:01 AVWINLL.DLL : 12.3.0.15 27344 Bytes 13.05.2012 07:47:03 AVPREF.DLL : 12.3.0.15 51920 Bytes 13.05.2012 07:47:04 AVREP.DLL : 12.3.0.15 179208 Bytes 13.05.2012 07:47:05 AVARKT.DLL : 12.3.0.15 211408 Bytes 13.05.2012 07:47:04 AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 13.05.2012 07:47:04 SQLITE3.DLL : 3.7.0.1 398288 Bytes 13.05.2012 07:47:04 AVSMTP.DLL : 12.3.0.15 63440 Bytes 13.05.2012 07:47:04 NETNT.DLL : 12.3.0.15 17104 Bytes 13.05.2012 07:47:04 RCIMAGE.DLL : 12.3.0.15 4447952 Bytes 13.05.2012 07:47:03 RCTEXT.DLL : 12.3.0.15 98512 Bytes 13.05.2012 07:47:03 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Lokale Laufwerke Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\alldrives.avp Protokollierung.......................: standard Primäre Aktion........................: interaktiv Sekundäre Aktion......................: ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, G:, D:, E:, F:, Durchsuche aktive Programme...........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: aus Integritätsprüfung von Systemdateien..: aus Datei Suchmodus.......................: Intelligente Dateiauswahl Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Beginn des Suchlaufs: Mittwoch, 18. Juli 2012 04:09 Der Suchlauf über die Masterbootsektoren wird begonnen: Masterbootsektor HD0 [INFO] Es wurde kein Virus gefunden! Masterbootsektor HD1 [INFO] Es wurde kein Virus gefunden! Masterbootsektor HD2 [INFO] Es wurde kein Virus gefunden! Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'C:\' [INFO] Es wurde kein Virus gefunden! Bootsektor 'G:\' [INFO] Es wurde kein Virus gefunden! Bootsektor 'D:\' [INFO] Im Laufwerk 'D:\' ist kein Datenträger eingelegt! Bootsektor 'E:\' [INFO] Im Laufwerk 'E:\' ist kein Datenträger eingelegt! Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'update.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'FlashPlayerInstaller.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'avnotify.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'updrgui.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'update.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'GoogleUpdate.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'NclMSBTSrvEx.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'listener.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'ServiceLayer.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'NokiaSuite.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'VCService.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'BluetoothHeadsetProxy.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'VESMgrSub.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'DllHost.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'VESMgr.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'uCamMonitor.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'PMBDeviceInfoProvider.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'HPLaserJetService.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'NitroPDFPrinterMonitor.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorIcon.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'MarketingTools.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'PMBVolumeWatcher.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'ISBMgr.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'ONENOTEM.EXE' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'VoipBuster.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'armsvc.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht Durchsuche Prozess 'vpnagent.exe' - '1' Modul(e) wurden durchsucht Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '2214' Dateien ). Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' C:\Program Files\WinRAR\rarnew.dat [WARNUNG] Das Archiv ist unbekannt oder defekt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Adviva-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0001.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\FastClick-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0001.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0001.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Right Media-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Tradedoubler-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\WebTrends live-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0001.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\WinRAR-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\ProgramData\Spybot - Search & Destroy\Quarantine\Zedo-0000.zip [WARNUNG] Die Datei ist kennwortgeschützt C:\Users\jimmythebob\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\21661e10-7df0bbd1 [0] Archivtyp: ZIP --> Atomic.class [FUND] Enthält Erkennungsmuster des Exploits EXP/2012-0507.CJ --> Homi.class [FUND] Enthält Erkennungsmuster des Exploits EXP/CVE-2012-0507.A.197 --> Kook.class [FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Lamar.AR --> Lmpo.class [FUND] Enthält Erkennungsmuster des Exploits EXP/2008-5353.AM --> Oinc.class [FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Treams.BO --> Sinaval.class [FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Treams.BP --> Third.class [FUND] Enthält Erkennungsmuster des Exploits EXP/CVE-2012-0507.A.191 Beginne mit der Suche in 'G:\' <Volume> Beginne mit der Suche in 'D:\' Beginne mit der Suche in 'E:\' Der zu durchsuchende Pfad E:\ konnte nicht geöffnet werden! Systemfehler [21]: Das Gerät ist nicht bereit. Beginne mit der Suche in 'F:\' Der zu durchsuchende Pfad F:\ konnte nicht geöffnet werden! Systemfehler [21]: Das Gerät ist nicht bereit. Beginne mit der Desinfektion: C:\Users\jimmythebob\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\21661e10-7df0bbd1 [FUND] Enthält Erkennungsmuster des Exploits EXP/2012-0507.CJ [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5504d8ca.qua' verschoben! Ende des Suchlaufs: Mittwoch, 18. Juli 2012 10:46 Benötigte Zeit: 6:36:42 Stunde(n) Der Suchlauf wurde vollständig durchgeführt. 31866 Verzeichnisse wurden überprüft 643358 Dateien wurden geprüft 8 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 1 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 643350 Dateien ohne Befall 3713 Archive wurden durchsucht 34 Warnungen 1 Hinweise |
|
27.07.2012, 08:27
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virenmeldung- hier die Logs Bitte auch alles von Malwarebytes posten Die Logs enthalten ein paar mehr Infos als nur Fund oder kein Fund. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ "Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak) Das Trojaner-Board unterstützen Warum Linux besser als Windows ist! |
|
27.07.2012, 11:23
| #5 |
| | Virenmeldung- hier die Logs Hallo, hier ist der Log vom Quick Scan vom 18.7. Heute habe ich einen vollständigen Suchlauf gemacht, das Log ist weiter unten. Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.18.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 jimmythebob :: SONYVAIO [Administrator] Schutz: Aktiviert 18.07.2012 17:26:59 mbam-log-2012-07-18 (17-26-59).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 216746 Laufzeit: 6 Minute(n), 16 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.27.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 jimmythebob :: SONYVAIO [Administrator] Schutz: Aktiviert 27.07.2012 11:02:59 mbam-log-2012-07-27 (11-02-59).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 351856 Laufzeit: 1 Stunde(n), 7 Minute(n), 38 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
27.07.2012, 13:33
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virenmeldung- hier die Logs adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop.
__________________ --> Virenmeldung- hier die Logs |
|
27.07.2012, 17:08
| #7 |
| | Virenmeldung- hier die Logs Super, danke für deine Hilfe. Hier die Logdatei: Code:
ATTFilter # AdwCleaner v1.703 - Logfile created 07/27/2012 at 18:07:10
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : jimmythebob - SONYVAIO
# Running from : C:\Users\jimmythebob\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Software
[x64] Key Found : HKCU\Software\Softonic
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v12.0 (de)
Profile name : default
File : C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [1274 octets] - [27/07/2012 18:07:10]
########## EOF - C:\AdwCleaner[R1].txt - [1402 octets] ##########
|
|
27.07.2012, 20:56
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virenmeldung- hier die Logs adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
__________________ "Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak) Das Trojaner-Board unterstützen Warum Linux besser als Windows ist! |
|
27.07.2012, 21:58
| #9 |
| | Virenmeldung- hier die LogsCode:
ATTFilter # AdwCleaner v1.703 - Logfile created 07/27/2012 at 22:55:53
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : jimmythebob - SONYVAIO
# Running from : C:\Users\jimmythebob\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Software
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v12.0 (de)
Profile name : default
File : C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\prefs.js
[OK] File is clean.
*************************
|
|
27.07.2012, 22:41
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virenmeldung- hier die Logs Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________ "Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak) Das Trojaner-Board unterstützen Warum Linux besser als Windows ist! |
|
27.07.2012, 23:35
| #11 |
| | Virenmeldung- hier die Logs Hallo, der normale Modus funktioniert einwandfrei. Ich habe im Startmenü z.B. den Ordner "Programme", welcher leer ist, dafür sind aber alle Programme einzeln im Startmenü vorhanden. Das stört mich nicht und ist auch schon länger so (s. meine älteren Beiträge hier im Forum). Ich merke keine Probleme am PC, wurde halt nur durch die Meldung von Avira misstrauisch. |
|
27.07.2012, 23:43
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virenmeldung- hier die Logs Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ "Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak) Das Trojaner-Board unterstützen Warum Linux besser als Windows ist! |
|
28.07.2012, 00:27
| #13 |
| | Virenmeldung- hier die Logs OTL Logfile: Code:
ATTFilter OTL logfile created on: 28.07.2012 01:09:13 - Run 4
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\jimmythebob\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,92 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 63,65% Memory free
7,84 Gb Paging File | 5,93 Gb Available in Paging File | 75,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 161,29 Gb Total Space | 91,60 Gb Free Space | 56,79% Space Free | Partition Type: NTFS
Drive D: | 951,94 Mb Total Space | 951,88 Mb Free Space | 99,99% Space Free | Partition Type: FAT
Drive G: | 126,89 Gb Total Space | 83,78 Gb Free Space | 66,03% Space Free | Partition Type: NTFS
Computer Name: SONYVAIO | User Name: jimmythebob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.28 01:07:12 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\jimmythebob\Downloads\OTL(4).exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.05.13 09:47:04 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.13 09:47:04 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.13 09:47:04 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2011.01.29 06:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2010.10.23 21:25:09 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
PRC - [2010.05.28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2010.05.06 03:59:38 | 000,583,360 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.03 21:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.01.21 20:31:32 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
PRC - [2009.11.30 19:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.09.04 23:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009.08.26 19:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
PRC - [2009.05.14 12:12:40 | 000,209,216 | ---- | M] () -- C:\Program Files (x86)\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2009.05.14 12:12:40 | 000,209,216 | ---- | M] () -- C:\Program Files (x86)\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe
MOD - [2008.12.12 16:48:50 | 000,507,904 | ---- | M] () -- C:\Program Files (x86)\Common Files\BCL Technologies\NitroPDF6\bepprint.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.02.08 00:52:50 | 000,343,032 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2012.01.13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011.05.19 20:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2011.02.18 23:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011.01.29 06:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2011.01.20 13:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2010.10.25 18:55:26 | 000,387,896 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010.08.11 08:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010.04.07 15:04:24 | 000,127,800 | ---- | M] (HP) [Auto | Running] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:64bit: - [2009.11.30 19:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009.09.04 23:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.07.27 01:02:09 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.05.19 14:49:59 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.13 09:47:04 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.13 09:47:04 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.04.22 07:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.01.20 13:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.10.12 16:52:48 | 000,423,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010.09.27 16:13:26 | 000,074,496 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2010.09.10 09:47:30 | 000,108,400 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010.09.10 09:47:30 | 000,067,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010.05.28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.05.06 03:59:38 | 000,583,360 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.08.31 01:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009.08.31 01:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009.06.24 10:57:04 | 000,136,704 | ---- | M] (HP) [Auto | Stopped] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.05.13 09:47:05 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.13 09:47:05 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.22 07:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 11:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 11:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 11:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 11:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.10.11 16:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.08.02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.06.22 04:51:14 | 000,035,840 | ---- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010.05.06 03:46:36 | 000,022,752 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2010.03.06 01:41:05 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.11.18 22:07:14 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.11.18 22:07:13 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.11.18 22:07:13 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.11.18 22:07:12 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.11.18 22:06:44 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.11.12 22:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.11.12 22:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.12 22:05:01 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.11.11 22:05:13 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.11.06 22:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009.10.27 22:06:59 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.09.15 22:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009.08.19 22:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.08.05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.05.20 12:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes,DefaultScope = {1661D042-EE5F-4896-863D-6056F542E24F}
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes\{03C86783-9293-4E7A-8AC3-AEF83F45BD7D}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes\{1661D042-EE5F-4896-863D-6056F542E24F}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes\{6029794D-EE94-4045-A89C-1A7071EE8645}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes\{E9FD1855-39B6-4E54-AA2E-6F34B97BAB09}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {899DF1F8-2F43-4394-8315-37F6744E6319}:1.0.8
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.19 14:49:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.12 19:50:06 | 000,000,000 | ---D | M]
[2010.10.23 23:14:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Extensions
[2012.07.12 07:32:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\extensions
[2012.06.29 09:42:52 | 000,000,000 | ---D | M] (Wörterbuch Deutsch (de-DE), Hunspell-unterstützt) -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\extensions\de_DE@dicts.j3e.de
[2010.11.18 09:52:42 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2010.10.25 23:36:41 | 000,002,036 | ---- | M] () -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\searchplugins\alle-preise---guenstigerde.xml
[2012.07.27 00:17:35 | 000,002,400 | ---- | M] () -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\searchplugins\google-deutschland.xml
[2011.10.18 17:47:57 | 000,001,330 | ---- | M] () -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\searchplugins\wikipedia-en.xml
[2012.05.19 14:50:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.07.12 07:32:57 | 000,287,803 | ---- | M] () (No name found) -- C:\USERS\JIMMYTHEBOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\54QOFVPE.DEFAULT\EXTENSIONS\{899DF1F8-2F43-4394-8315-37F6744E6319}.XPI
[2012.05.19 14:49:59 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.11 15:58:33 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.03.20 14:51:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.20 14:51:12 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.20 14:51:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.20 14:51:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.20 14:51:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.20 14:51:12 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.04.02 18:10:16 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [Nitro PDF Printer Monitor] C:\Program Files (x86)\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe ()
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKU\S-1-5-21-4072554069-706762954-2387328221-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-4072554069-706762954-2387328221-1001..\Run: [VoipBuster] "C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://c:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://c:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CA2638F-A594-4D24-80BE-A37A7C278809}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F7B8B16-ED6E-472B-A1CB-E39E5D4F0CE5}: NameServer = 202.106.195.68 202.106.46.151
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC1D3BD1-7EF4-4F82-A281-023520EA827B}: NameServer = 202.106.195.68 202.106.46.151
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F080DE39-A95A-4ECD-9EF4-659C412F3AD6}: DhcpNameServer = 202.99.96.68 60.30.102.92
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MpfService - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX:64bit: >{DB562198-3A06-4B5D-86EF-D9ED5AD005BC} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.07.27 18:21:17 | 000,000,000 | ---D | C] -- C:\Users\jimmythebob\Desktop\Neuer Ordner
[2012.07.27 12:30:19 | 000,000,000 | ---D | C] -- C:\Users\jimmythebob\Desktop\Unterlagen Sonja
[2012.07.18 20:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.07.18 20:57:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012.07.18 17:36:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.07.18 17:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.18 17:23:17 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.18 12:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.07.18 12:00:17 | 000,000,000 | ---D | C] -- C:\Users\jimmythebob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.07.08 15:23:50 | 000,000,000 | ---D | C] -- C:\Users\jimmythebob\Desktop\Peking Juli
========== Files - Modified Within 30 Days ==========
[2012.07.28 01:10:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.28 01:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.28 00:31:04 | 000,089,016 | ---- | M] () -- C:\test.xml
[2012.07.28 00:28:32 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2012.07.27 23:09:23 | 000,014,144 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.27 23:09:23 | 000,014,144 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.27 23:05:10 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.27 23:05:10 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.27 23:05:10 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.27 23:05:10 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.27 23:05:10 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.27 22:57:51 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.07.27 22:57:42 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.27 22:56:55 | 3156,807,680 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.18 20:58:36 | 000,010,363 | ---- | M] () -- C:\Users\jimmythebob\Desktop\OTL.rar
[2012.07.18 12:20:24 | 000,452,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
========== Files Created - No Company Name ==========
[2012.07.18 20:58:36 | 000,010,363 | ---- | C] () -- C:\Users\jimmythebob\Desktop\OTL.rar
[2012.04.02 18:03:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.04.02 18:03:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.04.02 18:03:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.04.02 18:03:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.04.02 18:03:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.02.20 13:21:37 | 000,024,772 | ---- | C] () -- C:\ProgramData\P1100DEF.css
[2012.02.20 13:21:37 | 000,004,271 | ---- | C] () -- C:\ProgramData\P1100OS.HTM
[2012.02.20 13:21:37 | 000,002,944 | ---- | C] () -- C:\ProgramData\P1100SIG.GIF
[2011.01.02 17:28:46 | 000,029,184 | ---- | C] () -- C:\Users\jimmythebob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.23 21:11:57 | 000,001,607 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
========== LOP Check ==========
[2012.05.06 18:41:38 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Alle meine Passworte
[2012.02.08 18:05:03 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Downloaded Installations
[2011.11.15 17:38:51 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\elsterformular
[2012.02.07 01:49:42 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Netgear Live Parental Controls
[2012.04.24 11:00:57 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nitro PDF
[2012.01.20 13:27:45 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia
[2011.06.11 00:33:15 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia Ovi Suite
[2011.11.22 18:08:41 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia Suite
[2011.11.17 13:00:46 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\PC Suite
[2011.03.04 18:47:01 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\S.A.D
[2011.09.25 15:14:11 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\TuneUp Software
[2012.05.04 07:31:35 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\VoipBuster
[2012.06.11 19:33:55 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.04.07 01:09:46 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Adobe
[2012.05.06 18:41:38 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Alle meine Passworte
[2011.12.31 14:25:51 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Apple Computer
[2010.12.02 23:57:41 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\ArcSoft
[2011.11.02 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Avira
[2012.02.08 18:05:03 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Downloaded Installations
[2011.11.15 17:38:51 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\elsterformular
[2010.10.23 22:51:25 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Google
[2011.09.18 02:46:49 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\HP
[2010.10.23 22:39:25 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Identities
[2010.10.23 23:05:11 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\InstallShield
[2011.01.02 17:08:09 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Intel Corporation
[2010.10.23 22:59:31 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Macromedia
[2011.11.09 00:09:24 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Malwarebytes
[2009.11.20 02:27:16 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Media Center Programs
[2012.04.07 01:09:46 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Microsoft
[2010.10.23 23:14:51 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Mozilla
[2012.02.07 01:49:42 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Netgear Live Parental Controls
[2012.04.24 11:00:57 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nitro PDF
[2012.01.20 13:27:45 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia
[2011.06.11 00:33:15 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia Ovi Suite
[2011.11.22 18:08:41 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia Suite
[2011.11.17 13:00:46 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\PC Suite
[2011.03.13 13:43:06 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Roxio
[2011.03.04 18:47:01 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\S.A.D
[2012.07.27 00:37:44 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Skype
[2010.10.24 21:14:58 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Sony Corporation
[2011.09.25 15:14:11 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\TuneUp Software
[2012.05.04 07:31:35 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\VoipBuster
[2010.10.24 00:57:19 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2012.03.30 14:40:45 | 009,812,368 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\jimmythebob\AppData\Roaming\elsterformular\pluginmanager\tmp\install_est11.exe
[2012.03.12 18:14:06 | 008,547,008 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\jimmythebob\AppData\Roaming\elsterformular\pluginmanager\tmp\update_est_09_7094_8479.exe
[2012.03.12 18:14:49 | 007,468,376 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\jimmythebob\AppData\Roaming\elsterformular\pluginmanager\tmp\update_est_10_7094_8479.exe
[2012.03.12 18:13:17 | 012,362,088 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\jimmythebob\AppData\Roaming\elsterformular\pluginmanager\tmp\update_pica_0_7094_8479.exe
[2011.11.14 22:49:31 | 006,489,448 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\jimmythebob\AppData\Roaming\elsterformular\update\ElsterFormular_update-12_3_2_6814p.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys
[2009.10.13 21:16:40 | 000,409,624 | ---- | M] (Intel Corporation) MD5=BE7D72FCF442C26975942007E0831241 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_6fca727099cdabf1\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache86\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\ERDNT\cache86\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\ERDNT\cache64\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\ERDNT\cache64\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache86\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
|
|
28.07.2012, 21:58
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virenmeldung- hier die Logs Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ "Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak) Das Trojaner-Board unterstützen Warum Linux besser als Windows ist! |
|
29.07.2012, 00:10
| #15 |
| | Virenmeldung- hier die LogsCode:
ATTFilter 01:05:59.0553 4656 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
01:05:59.0626 4656 ============================================================
01:05:59.0626 4656 Current date / time: 2012/07/29 01:05:59.0626
01:05:59.0626 4656 SystemInfo:
01:05:59.0627 4656
01:05:59.0627 4656 OS Version: 6.1.7601 ServicePack: 1.0
01:05:59.0627 4656 Product type: Workstation
01:05:59.0627 4656 ComputerName: SONYVAIO
01:05:59.0627 4656 UserName: jimmythebob
01:05:59.0627 4656 Windows directory: C:\Windows
01:05:59.0627 4656 System windows directory: C:\Windows
01:05:59.0627 4656 Running under WOW64
01:05:59.0627 4656 Processor architecture: Intel x64
01:05:59.0627 4656 Number of processors: 4
01:05:59.0627 4656 Page size: 0x1000
01:05:59.0627 4656 Boot type: Normal boot
01:05:59.0627 4656 ============================================================
01:06:00.0470 4656 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:06:00.0475 4656 Drive \Device\Harddisk2\DR2 - Size: 0x3B811E00 (0.93 Gb), SectorSize: 0x200, Cylinders: 0xEE0, SectorsPerTrack: 0x20, TracksPerCylinder: 0x10, Type 'W'
01:06:00.0477 4656 ============================================================
01:06:00.0477 4656 \Device\Harddisk0\DR0:
01:06:00.0477 4656 MBR partitions:
01:06:00.0477 4656 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139F000, BlocksNum 0x32000
01:06:00.0477 4656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13D1000, BlocksNum 0x142942B0
01:06:00.0509 4656 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15666000, BlocksNum 0xFDC8000
01:06:00.0509 4656 \Device\Harddisk2\DR2:
01:06:00.0510 4656 MBR partitions:
01:06:00.0510 4656 ============================================================
01:06:00.0570 4656 C: <-> \Device\Harddisk0\DR0\Partition1
01:06:00.0619 4656 G: <-> \Device\Harddisk0\DR0\Partition2
01:06:00.0619 4656 ============================================================
01:06:00.0619 4656 Initialize success
01:06:00.0619 4656 ============================================================
01:06:49.0587 4944 ============================================================
01:06:49.0587 4944 Scan started
01:06:49.0587 4944 Mode: Manual; SigCheck; TDLFS;
01:06:49.0587 4944 ============================================================
01:06:50.0766 4944 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
01:06:50.0953 4944 1394ohci - ok
01:06:51.0056 4944 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
01:06:51.0109 4944 ACDaemon - ok
01:06:51.0195 4944 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
01:06:51.0231 4944 ACPI - ok
01:06:51.0301 4944 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
01:06:51.0383 4944 AcpiPmi - ok
01:06:51.0507 4944 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:06:51.0522 4944 AdobeARMservice - ok
01:06:51.0697 4944 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:06:51.0718 4944 AdobeFlashPlayerUpdateSvc - ok
01:06:51.0806 4944 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
01:06:51.0842 4944 adp94xx - ok
01:06:51.0909 4944 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
01:06:51.0935 4944 adpahci - ok
01:06:51.0948 4944 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
01:06:51.0966 4944 adpu320 - ok
01:06:52.0015 4944 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
01:06:52.0207 4944 AeLookupSvc - ok
01:06:52.0301 4944 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
01:06:52.0410 4944 AFD - ok
01:06:52.0467 4944 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
01:06:52.0494 4944 agp440 - ok
01:06:52.0537 4944 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
01:06:52.0623 4944 ALG - ok
01:06:52.0693 4944 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
01:06:52.0716 4944 aliide - ok
01:06:52.0726 4944 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
01:06:52.0746 4944 amdide - ok
01:06:52.0780 4944 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
01:06:52.0851 4944 AmdK8 - ok
01:06:52.0859 4944 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
01:06:52.0909 4944 AmdPPM - ok
01:06:53.0015 4944 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
01:06:53.0038 4944 amdsata - ok
01:06:53.0060 4944 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
01:06:53.0079 4944 amdsbs - ok
01:06:53.0095 4944 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
01:06:53.0108 4944 amdxata - ok
01:06:53.0213 4944 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
01:06:53.0242 4944 AntiVirSchedulerService - ok
01:06:53.0271 4944 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
01:06:53.0287 4944 AntiVirService - ok
01:06:53.0369 4944 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
01:06:53.0561 4944 AppID - ok
01:06:53.0590 4944 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
01:06:53.0664 4944 AppIDSvc - ok
01:06:53.0754 4944 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
01:06:53.0852 4944 Appinfo - ok
01:06:53.0989 4944 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
01:06:54.0015 4944 arc - ok
01:06:54.0025 4944 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
01:06:54.0039 4944 arcsas - ok
01:06:54.0060 4944 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
01:06:54.0072 4944 ArcSoftKsUFilter - ok
01:06:54.0098 4944 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
01:06:54.0173 4944 AsyncMac - ok
01:06:54.0229 4944 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
01:06:54.0242 4944 atapi - ok
01:06:54.0372 4944 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
01:06:54.0509 4944 athr - ok
01:06:54.0678 4944 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
01:06:54.0790 4944 AudioEndpointBuilder - ok
01:06:54.0796 4944 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
01:06:54.0844 4944 AudioSrv - ok
01:06:55.0006 4944 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
01:06:55.0028 4944 avgntflt - ok
01:06:55.0044 4944 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
01:06:55.0066 4944 avipbb - ok
01:06:55.0077 4944 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
01:06:55.0088 4944 avkmgr - ok
01:06:55.0163 4944 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
01:06:55.0287 4944 AxInstSV - ok
01:06:55.0334 4944 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
01:06:55.0423 4944 b06bdrv - ok
01:06:55.0466 4944 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
01:06:55.0515 4944 b57nd60a - ok
01:06:55.0558 4944 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
01:06:55.0618 4944 BDESVC - ok
01:06:55.0635 4944 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
01:06:55.0736 4944 Beep - ok
01:06:55.0862 4944 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
01:06:55.0928 4944 BFE - ok
01:06:56.0049 4944 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
01:06:56.0187 4944 BITS - ok
01:06:56.0266 4944 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
01:06:56.0311 4944 blbdrive - ok
01:06:56.0378 4944 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
01:06:56.0411 4944 bowser - ok
01:06:56.0428 4944 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
01:06:56.0529 4944 BrFiltLo - ok
01:06:56.0542 4944 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
01:06:56.0563 4944 BrFiltUp - ok
01:06:56.0634 4944 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
01:06:56.0692 4944 BridgeMP - ok
01:06:56.0759 4944 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
01:06:56.0837 4944 Browser - ok
01:06:56.0888 4944 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
01:06:56.0992 4944 Brserid - ok
01:06:56.0999 4944 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
01:06:57.0044 4944 BrSerWdm - ok
01:06:57.0071 4944 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
01:06:57.0148 4944 BrUsbMdm - ok
01:06:57.0151 4944 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
01:06:57.0178 4944 BrUsbSer - ok
01:06:57.0261 4944 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
01:06:57.0348 4944 BthEnum - ok
01:06:57.0391 4944 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
01:06:57.0445 4944 BTHMODEM - ok
01:06:57.0493 4944 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
01:06:57.0596 4944 BthPan - ok
01:06:57.0711 4944 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
01:06:57.0804 4944 BTHPORT - ok
01:06:57.0839 4944 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
01:06:57.0917 4944 bthserv - ok
01:06:57.0973 4944 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
01:06:58.0033 4944 BTHUSB - ok
01:06:58.0080 4944 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
01:06:58.0097 4944 btusbflt - ok
01:06:58.0137 4944 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
01:06:58.0160 4944 btwaudio - ok
01:06:58.0199 4944 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
01:06:58.0218 4944 btwavdt - ok
01:06:58.0346 4944 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
01:06:58.0376 4944 btwdins - ok
01:06:58.0417 4944 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
01:06:58.0425 4944 btwl2cap - ok
01:06:58.0450 4944 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
01:06:58.0461 4944 btwrchid - ok
01:06:58.0538 4944 BVRPMPR5a64 (9887ca12f407d7fbc7f48f3678f5f0b6) C:\Windows\system32\drivers\BVRPMPR5a64.SYS
01:06:58.0554 4944 BVRPMPR5a64 - ok
01:06:58.0581 4944 catchme - ok
01:06:58.0618 4944 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
01:06:58.0700 4944 cdfs - ok
01:06:58.0785 4944 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
01:06:58.0837 4944 cdrom - ok
01:06:58.0922 4944 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
01:06:59.0032 4944 CertPropSvc - ok
01:06:59.0077 4944 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
01:06:59.0112 4944 circlass - ok
01:06:59.0175 4944 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
01:06:59.0212 4944 CLFS - ok
01:06:59.0284 4944 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:06:59.0306 4944 clr_optimization_v2.0.50727_32 - ok
01:06:59.0352 4944 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:06:59.0375 4944 clr_optimization_v2.0.50727_64 - ok
01:06:59.0425 4944 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:06:59.0447 4944 clr_optimization_v4.0.30319_32 - ok
01:06:59.0476 4944 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:06:59.0489 4944 clr_optimization_v4.0.30319_64 - ok
01:06:59.0543 4944 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
01:06:59.0606 4944 CmBatt - ok
01:06:59.0669 4944 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
01:06:59.0690 4944 cmdide - ok
01:06:59.0767 4944 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
01:06:59.0822 4944 CNG - ok
01:06:59.0859 4944 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
01:06:59.0874 4944 Compbatt - ok
01:06:59.0989 4944 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
01:07:00.0048 4944 CompositeBus - ok
01:07:00.0075 4944 COMSysApp - ok
01:07:00.0098 4944 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
01:07:00.0113 4944 crcdisk - ok
01:07:00.0182 4944 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
01:07:00.0260 4944 CryptSvc - ok
01:07:00.0340 4944 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
01:07:00.0438 4944 DcomLaunch - ok
01:07:00.0483 4944 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
01:07:00.0576 4944 defragsvc - ok
01:07:00.0660 4944 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
01:07:00.0743 4944 DfsC - ok
01:07:00.0834 4944 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
01:07:00.0897 4944 Dhcp - ok
01:07:00.0981 4944 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
01:07:01.0040 4944 discache - ok
01:07:01.0080 4944 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
01:07:01.0108 4944 Disk - ok
01:07:01.0175 4944 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
01:07:01.0244 4944 Dnscache - ok
01:07:01.0301 4944 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
01:07:01.0392 4944 dot3svc - ok
01:07:01.0444 4944 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
01:07:01.0542 4944 DPS - ok
01:07:01.0589 4944 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
01:07:01.0609 4944 drmkaud - ok
01:07:01.0707 4944 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
01:07:01.0752 4944 DXGKrnl - ok
01:07:01.0787 4944 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
01:07:01.0885 4944 EapHost - ok
01:07:02.0182 4944 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
01:07:02.0291 4944 ebdrv - ok
01:07:02.0425 4944 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
01:07:02.0468 4944 EFS - ok
01:07:02.0597 4944 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
01:07:02.0716 4944 ehRecvr - ok
01:07:02.0737 4944 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
01:07:02.0807 4944 ehSched - ok
01:07:02.0884 4944 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
01:07:02.0918 4944 elxstor - ok
01:07:02.0965 4944 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
01:07:03.0056 4944 ErrDev - ok
01:07:03.0120 4944 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
01:07:03.0210 4944 EventSystem - ok
01:07:03.0264 4944 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
01:07:03.0320 4944 exfat - ok
01:07:03.0347 4944 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
01:07:03.0419 4944 fastfat - ok
01:07:03.0537 4944 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
01:07:03.0640 4944 Fax - ok
01:07:03.0659 4944 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
01:07:03.0715 4944 fdc - ok
01:07:03.0765 4944 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
01:07:03.0851 4944 fdPHost - ok
01:07:03.0872 4944 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
01:07:03.0932 4944 FDResPub - ok
01:07:03.0987 4944 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
01:07:04.0014 4944 FileInfo - ok
01:07:04.0032 4944 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
01:07:04.0102 4944 Filetrace - ok
01:07:04.0127 4944 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
01:07:04.0166 4944 flpydisk - ok
01:07:04.0225 4944 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
01:07:04.0259 4944 FltMgr - ok
01:07:04.0370 4944 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
01:07:04.0485 4944 FontCache - ok
01:07:04.0574 4944 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:07:04.0594 4944 FontCache3.0.0.0 - ok
01:07:04.0643 4944 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
01:07:04.0666 4944 FsDepends - ok
01:07:04.0727 4944 fssfltr (53dab1791917a72738539ad25c4eed7f) C:\Windows\system32\DRIVERS\fssfltr.sys
01:07:04.0746 4944 fssfltr - ok
01:07:04.0878 4944 fsssvc (206ad9a89bf05dfa1621f1fc7b82592d) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
01:07:04.0921 4944 fsssvc - ok
01:07:05.0000 4944 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
01:07:05.0021 4944 Fs_Rec - ok
01:07:05.0091 4944 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
01:07:05.0128 4944 fvevol - ok
01:07:05.0174 4944 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
01:07:05.0189 4944 gagp30kx - ok
01:07:05.0274 4944 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
01:07:05.0360 4944 gpsvc - ok
01:07:05.0526 4944 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:07:05.0543 4944 gupdate - ok
01:07:05.0563 4944 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:07:05.0574 4944 gupdatem - ok
01:07:05.0602 4944 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
01:07:05.0666 4944 hcw85cir - ok
01:07:05.0763 4944 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
01:07:05.0800 4944 HdAudAddService - ok
01:07:05.0838 4944 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
01:07:05.0880 4944 HDAudBus - ok
01:07:05.0982 4944 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
01:07:06.0031 4944 HidBatt - ok
01:07:06.0068 4944 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
01:07:06.0121 4944 HidBth - ok
01:07:06.0154 4944 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
01:07:06.0205 4944 HidIr - ok
01:07:06.0249 4944 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
01:07:06.0341 4944 hidserv - ok
01:07:06.0395 4944 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
01:07:06.0420 4944 HidUsb - ok
01:07:06.0487 4944 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
01:07:06.0582 4944 hkmsvc - ok
01:07:06.0636 4944 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
01:07:06.0712 4944 HomeGroupListener - ok
01:07:06.0778 4944 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
01:07:06.0833 4944 HomeGroupProvider - ok
01:07:06.0943 4944 HP LaserJet Service (53dca61931847e35c950504bfb7559c6) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
01:07:06.0999 4944 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning
01:07:06.0999 4944 HP LaserJet Service - detected UnsignedFile.Multi.Generic (1)
01:07:07.0079 4944 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
01:07:07.0107 4944 HpSAMD - ok
01:07:07.0164 4944 HPSIService (5a539a3cbd6ec1609d5333b486d5f74c) C:\Windows\system32\HPSIsvc.exe
01:07:07.0188 4944 HPSIService - ok
01:07:07.0286 4944 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
01:07:07.0398 4944 HTTP - ok
01:07:07.0435 4944 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
01:07:07.0459 4944 hwpolicy - ok
01:07:07.0519 4944 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
01:07:07.0537 4944 i8042prt - ok
01:07:07.0617 4944 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
01:07:07.0644 4944 iaStor - ok
01:07:07.0730 4944 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
01:07:07.0748 4944 IAStorDataMgrSvc - ok
01:07:07.0840 4944 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
01:07:07.0885 4944 iaStorV - ok
01:07:08.0082 4944 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:07:08.0133 4944 idsvc - ok
01:07:08.0179 4944 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
01:07:08.0193 4944 iirsp - ok
01:07:08.0295 4944 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
01:07:08.0390 4944 IKEEXT - ok
01:07:08.0446 4944 Impcd (4ff8a2082d78255d2eb169f986bcc981) C:\Windows\system32\drivers\Impcd.sys
01:07:08.0512 4944 Impcd - ok
01:07:08.0745 4944 IntcAzAudAddService (5f35fe198ee7818221414776f8413ab0) C:\Windows\system32\drivers\RTKVHD64.sys
01:07:08.0834 4944 IntcAzAudAddService - ok
01:07:09.0022 4944 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
01:07:09.0043 4944 intelide - ok
01:07:09.0085 4944 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
01:07:09.0128 4944 intelppm - ok
01:07:09.0178 4944 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
01:07:09.0257 4944 IPBusEnum - ok
01:07:09.0334 4944 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:07:09.0387 4944 IpFilterDriver - ok
01:07:09.0486 4944 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
01:07:09.0549 4944 iphlpsvc - ok
01:07:09.0591 4944 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
01:07:09.0644 4944 IPMIDRV - ok
01:07:09.0693 4944 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
01:07:09.0775 4944 IPNAT - ok
01:07:09.0804 4944 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
01:07:09.0935 4944 IRENUM - ok
01:07:10.0037 4944 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
01:07:10.0059 4944 isapnp - ok
01:07:10.0116 4944 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
01:07:10.0141 4944 iScsiPrt - ok
01:07:10.0168 4944 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
01:07:10.0182 4944 kbdclass - ok
01:07:10.0210 4944 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
01:07:10.0254 4944 kbdhid - ok
01:07:10.0327 4944 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:07:10.0349 4944 KeyIso - ok
01:07:10.0393 4944 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
01:07:10.0415 4944 KSecDD - ok
01:07:10.0438 4944 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
01:07:10.0460 4944 KSecPkg - ok
01:07:10.0476 4944 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
01:07:10.0560 4944 ksthunk - ok
01:07:10.0613 4944 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
01:07:10.0698 4944 KtmRm - ok
01:07:10.0762 4944 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
01:07:10.0858 4944 LanmanServer - ok
01:07:10.0908 4944 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
01:07:11.0032 4944 LanmanWorkstation - ok
01:07:11.0078 4944 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
01:07:11.0150 4944 lltdio - ok
01:07:11.0206 4944 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
01:07:11.0279 4944 lltdsvc - ok
01:07:11.0316 4944 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
01:07:11.0358 4944 lmhosts - ok
01:07:11.0389 4944 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
01:07:11.0404 4944 LSI_FC - ok
01:07:11.0420 4944 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
01:07:11.0434 4944 LSI_SAS - ok
01:07:11.0441 4944 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
01:07:11.0454 4944 LSI_SAS2 - ok
01:07:11.0462 4944 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
01:07:11.0476 4944 LSI_SCSI - ok
01:07:11.0492 4944 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
01:07:11.0536 4944 luafv - ok
01:07:11.0611 4944 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
01:07:11.0637 4944 MBAMProtector - ok
01:07:11.0751 4944 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
01:07:11.0792 4944 MBAMService - ok
01:07:11.0847 4944 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
01:07:11.0898 4944 Mcx2Svc - ok
01:07:11.0959 4944 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
01:07:11.0981 4944 megasas - ok
01:07:12.0006 4944 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
01:07:12.0027 4944 MegaSR - ok
01:07:12.0058 4944 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
01:07:12.0140 4944 MMCSS - ok
01:07:12.0168 4944 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
01:07:12.0233 4944 Modem - ok
01:07:12.0273 4944 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
01:07:12.0327 4944 monitor - ok
01:07:12.0419 4944 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
01:07:12.0440 4944 mouclass - ok
01:07:12.0485 4944 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
01:07:12.0533 4944 mouhid - ok
01:07:12.0571 4944 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
01:07:12.0592 4944 mountmgr - ok
01:07:12.0703 4944 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:07:12.0725 4944 MozillaMaintenance - ok
01:07:12.0779 4944 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
01:07:12.0804 4944 mpio - ok
01:07:12.0840 4944 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
01:07:12.0896 4944 mpsdrv - ok
01:07:13.0016 4944 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
01:07:13.0113 4944 MpsSvc - ok
01:07:13.0156 4944 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
01:07:13.0179 4944 MRxDAV - ok
01:07:13.0233 4944 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
01:07:13.0312 4944 mrxsmb - ok
01:07:13.0365 4944 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:07:13.0401 4944 mrxsmb10 - ok
01:07:13.0425 4944 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:07:13.0438 4944 mrxsmb20 - ok
01:07:13.0495 4944 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
01:07:13.0516 4944 msahci - ok
01:07:13.0579 4944 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
01:07:13.0607 4944 msdsm - ok
01:07:13.0677 4944 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
01:07:13.0723 4944 MSDTC - ok
01:07:13.0767 4944 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
01:07:13.0826 4944 Msfs - ok
01:07:13.0845 4944 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
01:07:13.0911 4944 mshidkmdf - ok
01:07:13.0951 4944 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
01:07:13.0977 4944 msisadrv - ok
01:07:14.0007 4944 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
01:07:14.0082 4944 MSiSCSI - ok
01:07:14.0085 4944 msiserver - ok
01:07:14.0133 4944 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
01:07:14.0207 4944 MSKSSRV - ok
01:07:14.0231 4944 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
01:07:14.0315 4944 MSPCLOCK - ok
01:07:14.0318 4944 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
01:07:14.0372 4944 MSPQM - ok
01:07:14.0433 4944 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
01:07:14.0459 4944 MsRPC - ok
01:07:14.0504 4944 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
01:07:14.0517 4944 mssmbios - ok
01:07:14.0536 4944 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
01:07:14.0601 4944 MSTEE - ok
01:07:14.0627 4944 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
01:07:14.0641 4944 MTConfig - ok
01:07:14.0658 4944 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
01:07:14.0672 4944 Mup - ok
01:07:14.0731 4944 mvusbews (8fa52b6049596fe2fdbc8a5e8b14ebfc) C:\Windows\system32\Drivers\mvusbews.sys
01:07:14.0758 4944 mvusbews - ok
01:07:14.0831 4944 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
01:07:14.0936 4944 napagent - ok
01:07:15.0025 4944 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
01:07:15.0085 4944 NativeWifiP - ok
01:07:15.0204 4944 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
01:07:15.0249 4944 NDIS - ok
01:07:15.0272 4944 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
01:07:15.0351 4944 NdisCap - ok
01:07:15.0386 4944 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
01:07:15.0471 4944 NdisTapi - ok
01:07:15.0553 4944 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
01:07:15.0644 4944 Ndisuio - ok
01:07:15.0693 4944 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
01:07:15.0764 4944 NdisWan - ok
01:07:15.0816 4944 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
01:07:15.0893 4944 NDProxy - ok
01:07:15.0968 4944 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
01:07:16.0057 4944 NetBIOS - ok
01:07:16.0109 4944 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
01:07:16.0213 4944 NetBT - ok
01:07:16.0260 4944 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:07:16.0286 4944 Netlogon - ok
01:07:16.0345 4944 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
01:07:16.0428 4944 Netman - ok
01:07:16.0481 4944 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
01:07:16.0577 4944 netprofm - ok
01:07:16.0648 4944 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:07:16.0673 4944 NetTcpPortSharing - ok
01:07:16.0717 4944 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
01:07:16.0733 4944 nfrd960 - ok
01:07:16.0910 4944 NitroReaderDriverReadSpool2 (f8aa2483aa9134b4a75efa9e9b240802) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
01:07:16.0943 4944 NitroReaderDriverReadSpool2 - ok
01:07:17.0041 4944 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
01:07:17.0135 4944 NlaSvc - ok
01:07:17.0202 4944 nmwcd (5fe6f8c05f0769bbb74afac11453b182) C:\Windows\system32\drivers\ccdcmbx64.sys
01:07:17.0289 4944 nmwcd - ok
01:07:17.0320 4944 nmwcdc (73c929945c0850b8d1fe2fea05fdf05d) C:\Windows\system32\drivers\ccdcmbox64.sys
01:07:17.0348 4944 nmwcdc - ok
01:07:17.0357 4944 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
01:07:17.0405 4944 Npfs - ok
01:07:17.0434 4944 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
01:07:17.0515 4944 nsi - ok
01:07:17.0552 4944 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
01:07:17.0622 4944 nsiproxy - ok
01:07:17.0768 4944 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
01:07:17.0841 4944 Ntfs - ok
01:07:17.0993 4944 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
01:07:18.0046 4944 Null - ok
01:07:18.0085 4944 NVHDA (ad37248bd442d41c9a896e53eb8a85ee) C:\Windows\system32\drivers\nvhda64v.sys
01:07:18.0108 4944 NVHDA - ok
01:07:18.0838 4944 nvlddmkm (ca8447574e9dae22250c723819d3ef96) C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:07:19.0215 4944 nvlddmkm - ok
01:07:19.0434 4944 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
01:07:19.0466 4944 nvraid - ok
01:07:19.0488 4944 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
01:07:19.0505 4944 nvstor - ok
01:07:19.0576 4944 nvsvc (ad1e49bceb5d446a271c43bfa8fd71d2) C:\Windows\system32\nvvsvc.exe
01:07:19.0616 4944 nvsvc - ok
01:07:19.0642 4944 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
01:07:19.0658 4944 nv_agp - ok
01:07:19.0664 4944 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
01:07:19.0703 4944 ohci1394 - ok
01:07:19.0812 4944 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:07:19.0836 4944 ose - ok
01:07:20.0223 4944 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:07:20.0356 4944 osppsvc - ok
01:07:20.0478 4944 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
01:07:20.0564 4944 p2pimsvc - ok
01:07:20.0602 4944 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
01:07:20.0630 4944 p2psvc - ok
01:07:20.0688 4944 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
01:07:20.0715 4944 Parport - ok
01:07:20.0771 4944 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
01:07:20.0797 4944 partmgr - ok
01:07:20.0824 4944 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
01:07:20.0876 4944 PcaSvc - ok
01:07:20.0943 4944 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
01:07:21.0014 4944 pccsmcfd - ok
01:07:21.0069 4944 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
01:07:21.0096 4944 pci - ok
01:07:21.0116 4944 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
01:07:21.0131 4944 pciide - ok
01:07:21.0165 4944 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
01:07:21.0187 4944 pcmcia - ok
01:07:21.0204 4944 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
01:07:21.0218 4944 pcw - ok
01:07:21.0266 4944 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
01:07:21.0361 4944 PEAUTH - ok
01:07:21.0438 4944 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
01:07:21.0482 4944 PerfHost - ok
01:07:21.0631 4944 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
01:07:21.0712 4944 pla - ok
01:07:21.0806 4944 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
01:07:21.0842 4944 PlugPlay - ok
01:07:21.0971 4944 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
01:07:22.0003 4944 PMBDeviceInfoProvider - ok
01:07:22.0020 4944 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
01:07:22.0055 4944 PNRPAutoReg - ok
01:07:22.0101 4944 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
01:07:22.0121 4944 PNRPsvc - ok
01:07:22.0193 4944 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
01:07:22.0290 4944 PolicyAgent - ok
01:07:22.0325 4944 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
01:07:22.0400 4944 Power - ok
01:07:22.0499 4944 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
01:07:22.0586 4944 PptpMiniport - ok
01:07:22.0628 4944 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
01:07:22.0678 4944 Processor - ok
01:07:22.0738 4944 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
01:07:22.0834 4944 ProfSvc - ok
01:07:22.0883 4944 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:07:22.0908 4944 ProtectedStorage - ok
01:07:22.0965 4944 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
01:07:23.0038 4944 Psched - ok
01:07:23.0085 4944 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
01:07:23.0105 4944 PxHlpa64 - ok
01:07:23.0223 4944 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
01:07:23.0283 4944 ql2300 - ok
01:07:23.0394 4944 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
01:07:23.0418 4944 ql40xx - ok
01:07:23.0451 4944 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
01:07:23.0478 4944 QWAVE - ok
01:07:23.0492 4944 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
01:07:23.0551 4944 QWAVEdrv - ok
01:07:23.0577 4944 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
01:07:23.0659 4944 RasAcd - ok
01:07:23.0708 4944 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
01:07:23.0767 4944 RasAgileVpn - ok
01:07:23.0778 4944 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
01:07:23.0843 4944 RasAuto - ok
01:07:23.0885 4944 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
01:07:24.0023 4944 Rasl2tp - ok
01:07:24.0124 4944 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
01:07:24.0209 4944 RasMan - ok
01:07:24.0252 4944 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
01:07:24.0342 4944 RasPppoe - ok
01:07:24.0372 4944 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
01:07:24.0462 4944 RasSstp - ok
01:07:24.0521 4944 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
01:07:24.0618 4944 rdbss - ok
01:07:24.0648 4944 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
01:07:24.0699 4944 rdpbus - ok
01:07:24.0732 4944 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
01:07:24.0789 4944 RDPCDD - ok
01:07:24.0796 4944 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
01:07:24.0863 4944 RDPENCDD - ok
01:07:24.0888 4944 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
01:07:24.0935 4944 RDPREFMP - ok
01:07:24.0979 4944 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
01:07:25.0034 4944 RDPWD - ok
01:07:25.0115 4944 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
01:07:25.0144 4944 rdyboost - ok
01:07:25.0177 4944 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
01:07:25.0262 4944 RemoteAccess - ok
01:07:25.0299 4944 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
01:07:25.0382 4944 RemoteRegistry - ok
01:07:25.0439 4944 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
01:07:25.0494 4944 RFCOMM - ok
01:07:25.0556 4944 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
01:07:25.0610 4944 rimspci - ok
01:07:25.0641 4944 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
01:07:25.0706 4944 risdsnpe - ok
01:07:25.0788 4944 Roxio UPnP Renderer 10 (d151224bc11078895a60fa970728ff59) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
01:07:25.0820 4944 Roxio UPnP Renderer 10 - ok
01:07:25.0858 4944 Roxio Upnp Server 10 (5022a927944878bd750960bd21e751af) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
01:07:25.0885 4944 Roxio Upnp Server 10 - ok
01:07:25.0911 4944 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
01:07:25.0981 4944 RpcEptMapper - ok
01:07:26.0020 4944 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
01:07:26.0064 4944 RpcLocator - ok
01:07:26.0132 4944 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
01:07:26.0217 4944 RpcSs - ok
01:07:26.0281 4944 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
01:07:26.0368 4944 rspndr - ok
01:07:26.0461 4944 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:07:26.0487 4944 SamSs - ok
01:07:26.0536 4944 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
01:07:26.0553 4944 sbp2port - ok
01:07:26.0585 4944 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
01:07:26.0656 4944 SCardSvr - ok
01:07:26.0698 4944 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
01:07:26.0791 4944 scfilter - ok
01:07:26.0909 4944 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
01:07:26.0990 4944 Schedule - ok
01:07:27.0038 4944 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
01:07:27.0083 4944 SCPolicySvc - ok
01:07:27.0159 4944 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
01:07:27.0204 4944 sdbus - ok
01:07:27.0253 4944 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
01:07:27.0329 4944 SDRSVC - ok
01:07:27.0362 4944 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
01:07:27.0441 4944 secdrv - ok
01:07:27.0494 4944 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
01:07:27.0583 4944 seclogon - ok
01:07:27.0632 4944 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
01:07:27.0726 4944 SENS - ok
01:07:27.0762 4944 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
01:07:27.0792 4944 SensrSvc - ok
01:07:27.0821 4944 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
01:07:27.0836 4944 Serenum - ok
01:07:27.0851 4944 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
01:07:27.0889 4944 Serial - ok
01:07:27.0965 4944 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
01:07:28.0015 4944 sermouse - ok
01:07:28.0158 4944 ServiceLayer (c15b813f2fdb44f87f23312472c6e790) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
01:07:28.0200 4944 ServiceLayer - ok
01:07:28.0261 4944 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
01:07:28.0341 4944 SessionEnv - ok
01:07:28.0367 4944 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
01:07:28.0434 4944 SFEP - ok
01:07:28.0480 4944 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
01:07:28.0549 4944 sffdisk - ok
01:07:28.0566 4944 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
01:07:28.0615 4944 sffp_mmc - ok
01:07:28.0644 4944 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
01:07:28.0692 4944 sffp_sd - ok
01:07:28.0722 4944 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
01:07:28.0758 4944 sfloppy - ok
01:07:28.0842 4944 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
01:07:28.0942 4944 SharedAccess - ok
01:07:29.0009 4944 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
01:07:29.0104 4944 ShellHWDetection - ok
01:07:29.0141 4944 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
01:07:29.0153 4944 SiSRaid2 - ok
01:07:29.0178 4944 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
01:07:29.0193 4944 SiSRaid4 - ok
01:07:29.0209 4944 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
01:07:29.0299 4944 Smb - ok
01:07:29.0354 4944 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
01:07:29.0394 4944 SNMPTRAP - ok
01:07:29.0498 4944 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
01:07:29.0516 4944 SOHCImp - ok
01:07:29.0573 4944 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
01:07:29.0603 4944 SOHDms - ok
01:07:29.0620 4944 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
01:07:29.0630 4944 SOHDs - ok
01:07:29.0743 4944 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
01:07:29.0768 4944 SpfService - ok
01:07:29.0793 4944 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
01:07:29.0807 4944 spldr - ok
01:07:29.0891 4944 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
01:07:29.0964 4944 Spooler - ok
01:07:30.0235 4944 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
01:07:30.0407 4944 sppsvc - ok
01:07:30.0506 4944 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
01:07:30.0584 4944 sppuinotify - ok
01:07:30.0686 4944 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
01:07:30.0765 4944 srv - ok
01:07:30.0835 4944 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
01:07:30.0893 4944 srv2 - ok
01:07:30.0945 4944 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
01:07:30.0985 4944 srvnet - ok
01:07:31.0038 4944 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
01:07:31.0127 4944 SSDPSRV - ok
01:07:31.0157 4944 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
01:07:31.0205 4944 SstpSvc - ok
01:07:31.0229 4944 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
01:07:31.0242 4944 stexstor - ok
01:07:31.0332 4944 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
01:07:31.0383 4944 stisvc - ok
01:07:31.0421 4944 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
01:07:31.0435 4944 swenum - ok
01:07:31.0480 4944 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
01:07:31.0569 4944 swprv - ok
01:07:31.0639 4944 SynTP (8f63178d1db81bb79270ae55ecdd8321) C:\Windows\system32\DRIVERS\SynTP.sys
01:07:31.0670 4944 SynTP - ok
01:07:31.0840 4944 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
01:07:31.0937 4944 SysMain - ok
01:07:32.0079 4944 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
01:07:32.0121 4944 TabletInputService - ok
01:07:32.0152 4944 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
01:07:32.0227 4944 TapiSrv - ok
01:07:32.0264 4944 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
01:07:32.0335 4944 TBS - ok
01:07:32.0540 4944 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
01:07:32.0605 4944 Tcpip - ok
01:07:32.0875 4944 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
01:07:32.0925 4944 TCPIP6 - ok
01:07:33.0058 4944 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
01:07:33.0142 4944 tcpipreg - ok
01:07:33.0186 4944 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
01:07:33.0254 4944 TDPIPE - ok
01:07:33.0306 4944 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
01:07:33.0350 4944 TDTCP - ok
01:07:33.0401 4944 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
01:07:33.0463 4944 tdx - ok
01:07:33.0534 4944 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
01:07:33.0547 4944 TermDD - ok
01:07:33.0610 4944 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
01:07:33.0681 4944 TermService - ok
01:07:33.0701 4944 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
01:07:33.0745 4944 Themes - ok
01:07:33.0793 4944 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
01:07:33.0856 4944 THREADORDER - ok
01:07:33.0870 4944 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
01:07:33.0939 4944 TrkWks - ok
01:07:34.0021 4944 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
01:07:34.0100 4944 TrustedInstaller - ok
01:07:34.0152 4944 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
01:07:34.0214 4944 tssecsrv - ok
01:07:34.0287 4944 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
01:07:34.0358 4944 TsUsbFlt - ok
01:07:34.0440 4944 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
01:07:34.0535 4944 tunnel - ok
01:07:34.0574 4944 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
01:07:34.0588 4944 uagp35 - ok
01:07:34.0660 4944 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
01:07:34.0682 4944 uCamMonitor - ok
01:07:34.0747 4944 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
01:07:34.0846 4944 udfs - ok
01:07:34.0894 4944 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
01:07:34.0922 4944 UI0Detect - ok
01:07:34.0989 4944 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
01:07:35.0016 4944 uliagpkx - ok
01:07:35.0072 4944 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
01:07:35.0120 4944 umbus - ok
01:07:35.0161 4944 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
01:07:35.0208 4944 UmPass - ok
01:07:35.0269 4944 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
01:07:35.0367 4944 upnphost - ok
01:07:35.0417 4944 upperdev (34afb83c7bba370e404e52cc2290350c) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
01:07:35.0478 4944 upperdev - ok
01:07:35.0550 4944 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
01:07:35.0578 4944 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
01:07:35.0578 4944 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
01:07:35.0628 4944 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
01:07:35.0700 4944 usbccgp - ok
01:07:35.0761 4944 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
01:07:35.0793 4944 usbcir - ok
01:07:35.0807 4944 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
01:07:35.0850 4944 usbehci - ok
01:07:35.0901 4944 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
01:07:35.0947 4944 usbhub - ok
01:07:35.0985 4944 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
01:07:36.0029 4944 usbohci - ok
01:07:36.0073 4944 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
01:07:36.0121 4944 usbprint - ok
01:07:36.0161 4944 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
01:07:36.0187 4944 usbscan - ok
01:07:36.0245 4944 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
01:07:36.0327 4944 usbser - ok
01:07:36.0363 4944 UsbserFilt (aa75e1efbee7186b4cbaaacf1f15e6ca) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
01:07:36.0431 4944 UsbserFilt - ok
01:07:36.0477 4944 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:07:36.0549 4944 USBSTOR - ok
01:07:36.0596 4944 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
01:07:36.0642 4944 usbuhci - ok
01:07:36.0736 4944 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
01:07:36.0768 4944 usbvideo - ok
01:07:36.0797 4944 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
01:07:36.0865 4944 UxSms - ok
01:07:36.0947 4944 VAIO Entertainment TV Device Arbitration Service (8e68e4aa2d7abbf7c9159d9d2a38ae0f) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
01:07:36.0965 4944 VAIO Entertainment TV Device Arbitration Service - ok
01:07:37.0062 4944 VAIO Event Service (6b31c9cb94927dbeeb62e15275f4cc54) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
01:07:37.0082 4944 VAIO Event Service - ok
01:07:37.0196 4944 VAIO Power Management (b8c9a7010afd5cbbe194cb9ef7c4fd14) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
01:07:37.0230 4944 VAIO Power Management - ok
01:07:37.0284 4944 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:07:37.0308 4944 VaultSvc - ok
01:07:37.0425 4944 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
01:07:37.0474 4944 VCFw - ok
01:07:37.0620 4944 VcmIAlzMgr (f19275655b42086c884abcdae2c659ae) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
01:07:37.0674 4944 VcmIAlzMgr - ok
01:07:37.0751 4944 VcmINSMgr (cbb9f0d1017e0bed4cb5bbc0ebf26dc1) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
01:07:37.0786 4944 VcmINSMgr - ok
01:07:37.0914 4944 VcmXmlIfHelper (32a3735f6874b7783c6209ed5ca36d9d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
01:07:37.0934 4944 VcmXmlIfHelper - ok
01:07:38.0013 4944 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
01:07:38.0031 4944 VCService - ok
01:07:38.0169 4944 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
01:07:38.0191 4944 vdrvroot - ok
01:07:38.0270 4944 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
01:07:38.0381 4944 vds - ok
01:07:38.0423 4944 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
01:07:38.0439 4944 vga - ok
01:07:38.0458 4944 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
01:07:38.0519 4944 VgaSave - ok
01:07:38.0581 4944 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
01:07:38.0613 4944 vhdmp - ok
01:07:38.0626 4944 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
01:07:38.0642 4944 viaide - ok
01:07:38.0661 4944 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
01:07:38.0676 4944 volmgr - ok
01:07:38.0750 4944 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
01:07:38.0787 4944 volmgrx - ok
01:07:38.0827 4944 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
01:07:38.0848 4944 volsnap - ok
01:07:38.0945 4944 vpnagent (caafa2333b428a12bfa97ecd389f59c5) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
01:07:38.0979 4944 vpnagent - ok
01:07:39.0004 4944 vpnva (e526a69d932538ae8bc96b3f4a5a90b1) C:\Windows\system32\DRIVERS\vpnva64.sys
01:07:39.0013 4944 vpnva - ok
01:07:39.0046 4944 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
01:07:39.0063 4944 vsmraid - ok
01:07:39.0216 4944 VSNService (047f22bdfdae6df6f1e47e747a1237a2) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
01:07:39.0271 4944 VSNService ( UnsignedFile.Multi.Generic ) - warning
01:07:39.0272 4944 VSNService - detected UnsignedFile.Multi.Generic (1)
01:07:39.0418 4944 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
01:07:39.0529 4944 VSS - ok
01:07:39.0780 4944 VUAgent (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
01:07:39.0847 4944 VUAgent - ok
01:07:39.0959 4944 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
01:07:40.0016 4944 vwifibus - ok
01:07:40.0059 4944 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
01:07:40.0079 4944 vwififlt - ok
01:07:40.0099 4944 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
01:07:40.0119 4944 vwifimp - ok
01:07:40.0164 4944 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
01:07:40.0242 4944 W32Time - ok
01:07:40.0283 4944 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
01:07:40.0332 4944 WacomPen - ok
01:07:40.0422 4944 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:07:40.0516 4944 WANARP - ok
01:07:40.0520 4944 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:07:40.0567 4944 Wanarpv6 - ok
01:07:40.0724 4944 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
01:07:40.0788 4944 WatAdminSvc - ok
01:07:40.0911 4944 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
01:07:41.0008 4944 wbengine - ok
01:07:41.0111 4944 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
01:07:41.0156 4944 WbioSrvc - ok
01:07:41.0209 4944 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
01:07:41.0264 4944 wcncsvc - ok
01:07:41.0286 4944 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
01:07:41.0318 4944 WcsPlugInService - ok
01:07:41.0362 4944 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
01:07:41.0376 4944 Wd - ok
01:07:41.0435 4944 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
01:07:41.0472 4944 Wdf01000 - ok
01:07:41.0490 4944 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
01:07:41.0610 4944 WdiServiceHost - ok
01:07:41.0616 4944 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
01:07:41.0638 4944 WdiSystemHost - ok
01:07:41.0703 4944 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
01:07:41.0778 4944 WebClient - ok
01:07:41.0827 4944 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
01:07:41.0926 4944 Wecsvc - ok
01:07:41.0951 4944 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
01:07:42.0021 4944 wercplsupport - ok
01:07:42.0059 4944 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
01:07:42.0105 4944 WerSvc - ok
01:07:42.0170 4944 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
01:07:42.0219 4944 WfpLwf - ok
01:07:42.0237 4944 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
01:07:42.0250 4944 WIMMount - ok
01:07:42.0279 4944 WinDefend - ok
01:07:42.0285 4944 WinHttpAutoProxySvc - ok
01:07:42.0355 4944 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
01:07:42.0457 4944 Winmgmt - ok
01:07:42.0627 4944 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
01:07:42.0746 4944 WinRM - ok
01:07:42.0921 4944 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
01:07:42.0977 4944 WinUsb - ok
01:07:43.0072 4944 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
01:07:43.0146 4944 Wlansvc - ok
01:07:43.0216 4944 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
01:07:43.0263 4944 WmiAcpi - ok
01:07:43.0342 4944 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
01:07:43.0388 4944 wmiApSrv - ok
01:07:43.0433 4944 WMPNetworkSvc - ok
01:07:43.0468 4944 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
01:07:43.0497 4944 WPCSvc - ok
01:07:43.0549 4944 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
01:07:43.0567 4944 WPDBusEnum - ok
01:07:43.0601 4944 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
01:07:43.0647 4944 ws2ifsl - ok
01:07:43.0663 4944 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
01:07:43.0710 4944 wscsvc - ok
01:07:43.0713 4944 WSearch - ok
01:07:43.0914 4944 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
01:07:43.0990 4944 wuauserv - ok
01:07:44.0114 4944 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
01:07:44.0201 4944 WudfPf - ok
01:07:44.0232 4944 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
01:07:44.0276 4944 WUDFRd - ok
01:07:44.0322 4944 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
01:07:44.0368 4944 wudfsvc - ok
01:07:44.0412 4944 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
01:07:44.0462 4944 WwanSvc - ok
01:07:44.0537 4944 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
01:07:44.0631 4944 yukonw7 - ok
01:07:44.0702 4944 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
01:07:45.0197 4944 \Device\Harddisk0\DR0 - ok
01:07:45.0206 4944 MBR (0x1B8) (250f0789d9bc08602a1c1f29da8ac4ea) \Device\Harddisk2\DR2
01:08:09.0918 4944 \Device\Harddisk2\DR2 - ok
01:08:09.0921 4944 Boot (0x1200) (63a9f81904866df5d46ca81628bf281f) \Device\Harddisk0\DR0\Partition0
01:08:09.0922 4944 \Device\Harddisk0\DR0\Partition0 - ok
01:08:09.0941 4944 Boot (0x1200) (52e966cea2b7678b7caffd7475f9c64d) \Device\Harddisk0\DR0\Partition1
01:08:09.0942 4944 \Device\Harddisk0\DR0\Partition1 - ok
01:08:09.0970 4944 Boot (0x1200) (a4525b2cb799c0c568d50d420b9df666) \Device\Harddisk0\DR0\Partition2
01:08:09.0972 4944 \Device\Harddisk0\DR0\Partition2 - ok
01:08:09.0973 4944 ============================================================
01:08:09.0973 4944 Scan finished
01:08:09.0973 4944 ============================================================
01:08:09.0982 5232 Detected object count: 3
01:08:09.0982 5232 Actual detected object count: 3
01:08:53.0400 5232 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user
01:08:53.0400 5232 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:08:53.0401 5232 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
01:08:53.0401 5232 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:08:53.0402 5232 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
01:08:53.0402 5232 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
| Themen zu Virenmeldung- hier die Logs |
| anhang, auswertung, avira, downloader, durchgeführt, escan, eset-log, found, freue, gen, installer, loader, local, log, meldungen, onlinescan, programme, programmen, quarantäne, remove, schließe, service, sommerzeit, version, wanted, würde |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
