
Log analysis and evaluation: TrojanDownloader:Win32/Adload.Da virus

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

30.01.2013, 22:06   #1
Tanija
 
TrojanDownloader:Win32/Adload.Da virus



Hello,

Windows showed me the following in the Action Center: Remove the TrojanDownloader:Win32/Adload.Da virus

Unfortunately I don't know exactly since when it has been displayed, but I also haven't noticed any impairment.
I have already read through a thread with, to me, the same content, but I still don't know exactly what I should do, and I hope you can help me.

Here are the results from OTL and Gmer:
Attached files
File type: txt Extras.Txt (64.2 KB, viewed 186 times)
File type: txt OTL.Txt (91.6 KB, viewed 218 times)
File type: txt gmer.txt (29.8 KB, viewed 173 times)

31.01.2013, 12:22   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

Just a quick question, this is nothing specifically against you, I could have asked anyone else who posts the logs this way: where exactly does it say that the logs should be put in the attachment, or where exactly did you read that?

Log files in attachments make the evaluation massively harder

Please explain, so that the passage in the instructions can be specifically changed/improved for all newcomers. Thanks.

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

31.01.2013, 17:39   #3
Tanija
 



No problem.. I had also noticed that this isn't right that way. However, I have pretty much no clue and unfortunately found nothing helpful in the info and help pages about how to post the log files in a code box.
Maybe it would be good if you added that to the page "for everyone seeking help" under step 3. That would be my suggestion for all the clueless who are yet to come.

With the instructions it works, though. Thanks!

Code:
OTL logfile created on: 30.01.2013 22:12:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tanja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,98 Gb Total Physical Memory | 3,36 Gb Available Physical Memory | 56,13% Memory free
11,96 Gb Paging File | 8,98 Gb Available in Paging File | 75,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,98 Gb Total Space | 232,70 Gb Free Space | 51,15% Space Free | Partition Type: NTFS
 
Computer Name: TANJA-VAIO | User Name: Tanja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.30 22:11:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tanja\Desktop\OTL.exe
PRC - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.07.18 17:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.05 10:11:18 | 001,144,704 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
PRC - [2012.04.05 08:17:42 | 000,871,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2012.04.05 08:14:40 | 000,371,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2012.04.03 10:00:24 | 000,051,128 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
PRC - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.01.29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.11.20 13:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010.05.28 10:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2010.02.19 18:19:24 | 000,529,776 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2009.11.30 18:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.10.15 15:34:36 | 000,427,304 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
PRC - [2009.10.15 15:34:36 | 000,091,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
PRC - [2009.10.15 15:34:36 | 000,075,048 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
PRC - [2009.10.15 15:34:34 | 000,120,104 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
PRC - [2009.10.15 15:34:34 | 000,070,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
PRC - [2009.10.15 13:17:10 | 000,072,192 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Media Gallery\ElbServer.exe
PRC - [2009.10.13 20:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.10.13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009.09.14 18:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009.09.14 17:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009.06.09 19:07:24 | 000,214,312 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Personalization Manager\VpmLM.exe
PRC - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007.11.19 03:19:36 | 000,128,352 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.01.12 17:12:13 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013.01.12 17:11:59 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.12 17:11:19 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.12 17:11:06 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2009.06.09 18:52:36 | 000,495,616 | ---- | M] () -- C:\Programme\Sony\VAIO Personalization Manager\sqlite3.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.01.29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV - [2012.11.05 17:54:52 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.26 09:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2010.08.11 08:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2010.05.28 10:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.02.19 18:19:28 | 000,115,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2010.02.19 18:19:24 | 000,529,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.11.30 18:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.10.15 15:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009.10.15 15:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009.10.15 15:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009.10.15 15:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009.10.15 15:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009.10.13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009.09.21 15:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2009.09.21 15:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2009.09.14 18:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009.09.14 18:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009.09.14 17:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009.09.04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.09.01 20:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2009.08.31 00:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009.08.31 00:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007.07.24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.07.18 17:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.07.18 17:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.07.18 17:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.14 00:42:32 | 000,093,272 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.10.07 09:12:43 | 000,025,344 | ---- | M] (KOBIL Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KOBCCEX.sys -- (KOBCCEX)
DRV:64bit: - [2010.10.07 09:12:36 | 000,104,576 | ---- | M] (KOBIL Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KOBCCID.sys -- (KOBCCID)
DRV:64bit: - [2010.07.21 16:58:50 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2009.11.18 21:03:16 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.11.18 21:03:15 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.11.18 21:03:15 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.11.18 21:03:13 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.11.18 21:02:45 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.11.06 21:34:48 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.11.06 21:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009.11.05 07:30:19 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.04 10:59:59 | 000,253,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.10.27 21:06:59 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.10.13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.15 21:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009.09.15 11:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009.08.19 21:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.07.31 21:02:03 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.05.20 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007.04.17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.04.17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\regi.sys -- (regi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {4E74D889-955C-4EB7-A6C3-71D144E1F2C1}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{4E74D889-955C-4EB7-A6C3-71D144E1F2C1}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC
IE - HKCU\..\SearchScopes\{5AFF30F8-EBA6-47A0-8188-29499155AF38}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
IE - HKCU\..\SearchScopes\{6F18D802-A1E3-49EB-AA92-94EF5DAE0B42}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKCU\..\SearchScopes\{F2BB138A-F4F7-45C1-A738-BF19D35757FD}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://flexnow3.uni-giessen.de/flexnow/index.html"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.7\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.05 17:54:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.30 22:07:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.05 17:54:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.30 22:07:28 | 000,000,000 | ---D | M]
 
[2010.10.07 09:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanja\AppData\Roaming\mozilla\Extensions
[2012.11.19 18:39:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanja\AppData\Roaming\mozilla\Firefox\Profiles\6j3uywea.default\extensions
[2012.09.04 14:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.20 16:07:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.04 14:12:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.11.05 17:54:53 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.05 17:54:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.05 17:54:49 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.05 17:54:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.05 17:54:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.05 17:54:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.05 17:54:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CtxIEInterceptorBHO Class) - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll (Citrix Systems, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKCU..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8ABCCEA5-814C-4A5F-9BAB-937AF458DA1D}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB8C9484-BDD0-485F-9085-847F9BF303D0}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll) - C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.30 22:11:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tanja\Desktop\OTL.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.30 22:11:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tanja\Desktop\OTL.exe
[2013.01.30 22:10:31 | 000,000,000 | ---- | M] () -- C:\Users\Tanja\defogger_reenable
[2013.01.30 22:07:28 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.01.30 22:06:53 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.30 22:06:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.30 11:28:03 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.29 10:28:24 | 000,050,477 | ---- | M] () -- C:\Users\Tanja\Desktop\Defogger.exe
[2013.01.29 09:24:24 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.29 09:24:24 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.29 09:06:05 | 522,784,767 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.21 12:21:24 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.21 12:21:24 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.21 12:21:24 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.21 12:21:24 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.21 12:21:24 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.18 18:32:57 | 000,400,350 | ---- | M] () -- C:\test.xml
[2013.01.12 17:03:10 | 000,462,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.09 17:07:25 | 005,379,340 | ---- | M] () -- C:\Users\Tanja\Desktop\A.P.EX_._ProAuPair_Auslandshandbuch2012Small[1].pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.30 22:10:31 | 000,000,000 | ---- | C] () -- C:\Users\Tanja\defogger_reenable
[2013.01.29 10:28:20 | 000,050,477 | ---- | C] () -- C:\Users\Tanja\Desktop\Defogger.exe
[2013.01.25 17:41:22 | 000,001,141 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2013.01.09 17:07:25 | 005,379,340 | ---- | C] () -- C:\Users\Tanja\Desktop\A.P.EX_._ProAuPair_Auslandshandbuch2012Small[1].pdf
[2012.08.06 18:54:50 | 000,000,523 | ---- | C] () -- C:\Windows\eReg.dat
[2011.12.19 07:38:25 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2011.06.03 10:54:37 | 000,000,355 | ---- | C] () -- C:\Users\Tanja\Netzwerk - Verknüpfung.lnk
[2011.02.06 13:14:15 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.09.07 20:26:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2010.06.28 12:11:14 | 000,000,000 | -HSD | M] -- C:\Users\Tanja\AppData\Roaming\.#
[2010.07.02 15:51:10 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\Auslogics
[2012.11.19 18:39:39 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\DVDVideoSoft
[2012.05.07 14:30:43 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\ICAClient
[2011.11.18 20:49:01 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\ICQ
[2012.02.26 09:02:13 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\Publish Providers
[2012.02.26 09:15:41 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\Sony
[2012.09.08 19:44:13 | 000,000,000 | ---D | M] -- C:\Users\Tanja\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 

< End of report >
         

Code:
OTL Extras logfile created on: 30.01.2013 22:12:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tanja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,98 Gb Total Physical Memory | 3,36 Gb Available Physical Memory | 56,13% Memory free
11,96 Gb Paging File | 8,98 Gb Available in Paging File | 75,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,98 Gb Total Space | 232,70 Gb Free Space | 51,15% Space Free | Partition Type: NTFS
 
Computer Name: TANJA-VAIO | User Name: Tanja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10B442BD-DFB5-4E86-90E0-CFC90BC59E05}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{110645FA-BB19-46CF-B7A2-8E76DDB1CF21}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{21D03D28-EF68-4C13-AF4E-3CE0CAFA7D95}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{35F51B6B-CDCB-4D72-9260-E3826BFE3E16}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{37BE7AD7-3C1D-47C2-859D-F81BA53FDD0E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{516FCAD6-851D-433F-A983-8BBC3F689FC8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{5393DC26-67E3-44ED-90DE-BED9579C6F43}" = lport=445 | protocol=6 | dir=in | app=system | 
"{57CB749C-D1C9-455E-A2EF-8D383ACBFA2D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{64A3E7FF-AB44-4A6C-AF59-51AD7E9F0D07}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{66D3BED6-D9F6-4D90-89D7-0E12F5AA90E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{6E21C973-F5DB-4E1C-8978-FE6ECDBB83B0}" = rport=139 | protocol=6 | dir=out | app=system | 
"{705BD42A-28C8-405A-99EB-4010E091D7D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7FD074BB-1DEC-4BA0-A01A-AE3594476FBD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{8792BBE2-0F3C-4F06-A2C0-C08761A072D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A782875F-F385-4C91-98C9-1071FAF5306B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AA5344F8-ACA1-48EE-88F0-0B62C5B42B42}" = rport=138 | protocol=17 | dir=out | app=system | 
"{AD05BCE5-1478-451B-9A2F-8C6597DB278B}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B5272B77-9C94-4DCE-8A7C-5C5438DAC172}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C2BC52AF-0E86-4C60-8C0F-EA6E73A2D8A4}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C2EDCCCF-BA4A-434C-B0C0-0858DBD773E8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D3282030-F4D6-4EF7-BEA0-790885C55F04}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DA7059A6-C12F-4933-BE23-9612DD136CC1}" = lport=137 | protocol=17 | dir=in | app=system | 
"{DB4DF86F-03AD-4BD4-81D8-774BFEA7555E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{FE942CA7-A3FA-4350-95A6-7338163E41AC}" = rport=10243 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{158EA3F7-DDD6-4FAD-BBD8-5185250DDD08}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{18A0B89B-C0D0-4EA7-AE8C-86260A92AD4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{18CAA21B-4C93-4AAC-98EF-11D80E91A59E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{240EAEB4-9657-4719-8005-776FCD37FD69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2DB0E936-E6FE-4609-B6E8-2566FEA183FB}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe | 
"{3D65CA5B-1479-4BF7-8DE0-646294859A6A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{41CC3F14-262B-4484-BF28-C596DF83A90C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{42CE20A8-9C18-4739-8A50-2DD1B059E46F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{51FFC3B5-0A27-4B90-93E0-E3D136E793D7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5ACAE82E-8775-409E-8A67-12C96E66304D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{75C739D6-36AD-4310-B21A-D2ECEDA39B38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7FDD127F-7E9F-4A9C-B724-E02A6C7742C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{88CD3C6D-16EC-4165-9F1C-F20CA06BA962}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{8B83A074-395D-4083-B12B-AD01CC148589}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{93078FBE-F6BD-4904-A012-DCBF649FF957}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{94174445-0B46-4AA2-A3C6-551545ACA17C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9848A389-B4FB-44E2-B43D-31175CA26D9F}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe | 
"{A62F404F-835B-47DB-A5DC-F281B828099F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{A65C2F8B-3A9D-4532-8EED-CFE8434DF34D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A7BC2CBC-BD4C-47BC-93D3-D229021EB9CD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{A80C787D-7903-4511-A2DD-2F0A0281AFB3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{B6C31C9C-027A-419E-A277-038F8DE0B8A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BD07967F-E6F2-4866-B51D-F9C6C66B1BF4}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe | 
"{C9B9BCDA-E0B2-41C9-9BA0-A8F829550C97}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{EDEA445E-EE0A-4CBD-9448-F8BC2FB858A0}" = protocol=6 | dir=out | app=system | 
"{F6329B86-F4A0-4ECE-BBFB-66D07D24A187}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{52762EA3-8084-4354-BD62-309285570374}C:\program files (x86)\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"TCP Query User{A0979C04-FDB8-468D-8BA5-6BF363EC93DA}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{CD410506-F9C7-4149-BDB1-0DD1B6921569}C:\program files (x86)\aom software\voris\fb\bin\fbserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aom software\voris\fb\bin\fbserver.exe | 
"UDP Query User{1689C937-5DEF-4054-ADFB-6F5B1A0C3241}C:\program files (x86)\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"UDP Query User{76A96D1E-8993-41C7-951A-1932A99B8800}C:\program files (x86)\aom software\voris\fb\bin\fbserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aom software\voris\fb\bin\fbserver.exe | 
"UDP Query User{B4528A71-79F3-4EA7-A003-B5CE778750AD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series" = Canon MP980 series MP Drivers
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007C5268-FB1C-49B9-A5E7-37D66DE46B9C}" = Online Plug-in
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{2DE9C112-2482-4D27-AA90-1504DFD9F117}" = Citrix Authentication Manager
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{3ECA0079-088F-4E69-B66A-65D5E687B092}" = KOBIL Chipkartenterminal Treiber V2.2.11s  Build: 20100615.1
"{43EF7CA8-0439-4677-BE6B-749B4562BBB6}" = KOBIL drivers x64x86 installation
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EC50898-E24A-4C0C-A1F2-A71A8DBF291F}" = Citrix Receiver Inside
"{8FA63AA5-7138-4B6F-8404-F18835E2B8F4}" = Media Gallery
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0791198-3F0C-4FB4-870C-5734C4CB5F16}" = Citrix Receiver (USB)
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8517496-CC0A-4539-A8D1-71A14A3FDF87}_is1" = VORIS 2011
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.3 - Deutsch
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B48A3CE4-2F1E-45EF-841A-C0A3C407EB0F}" = Self-Service Plug-in
"{B4D8A5FE-83C9-44AB-88C7-9AB30EFE482A}" = Citrix Receiver(Aero)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C7C7FA4B-40FF-4B4E-A566-1ABF8FAC38BB}" = Citrix Receiver (HDX Flash-Umleitung)
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D777101F-1708-46ED-916E-3BE885F78F55}" = Citrix Receiver (DV)
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon MP980 series Benutzerregistrierung" = Canon MP980 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"Google Chrome" = Google Chrome
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"MarketingTools" = VAIO Marketing Tools
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Professional 2010
"Smart card bundle_is1" = Smart card bundle 0.10
"VAIO Help and Support" = 
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.01.2013 12:13:31 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 25.01.2013 12:40:15 | Computer Name = Tanja-VAIO | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Die Anwendung oder der Dienst "VUAgent" konnte nicht neu gestartet
 werden.
 
Error - 27.01.2013 17:56:03 | Computer Name = Tanja-VAIO | Source = Windows Backup | ID = 4103
Description = 
 
Error - 28.01.2013 04:52:43 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
 (Fehlercode = 0x80042000)
 
Error - 28.01.2013 04:52:43 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 28.01.2013 06:13:23 | Computer Name = Tanja-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
 Zeitstempel: 0x4d672ee4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec4aa8e  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c40f2
ID
 des fehlerhaften Prozesses: 0x7c0  Startzeit der fehlerhaften Anwendung: 0x01cdfd34d20fb771
Pfad
 der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 5882d54d-6933-11e2-84da-f07bcbdf9141
 
Error - 29.01.2013 04:06:24 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
 (Fehlercode = 0x80042000)
 
Error - 29.01.2013 04:06:24 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 29.01.2013 06:48:54 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.01.2013 06:48:54 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.01.2013 06:48:54 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.01.2013 06:48:54 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ System Events ]
Error - 28.01.2013 04:53:15 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Dnscache erreicht.
 
Error - 28.01.2013 04:53:57 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst ShellHWDetection erreicht.
 
Error - 28.01.2013 04:55:40 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Media plus Digital Media Server" wurde nicht richtig
 gestartet.
 
Error - 28.01.2013 04:59:13 | Computer Name = Tanja-VAIO | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 28.01.2013 05:01:37 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.
 
Error - 29.01.2013 04:06:23 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 29.01.2013 04:09:18 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Media plus Digital Media Server" wurde nicht richtig
 gestartet.
 
Error - 29.01.2013 04:11:59 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.
 
Error - 29.01.2013 04:17:54 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
Error - 29.01.2013 04:18:18 | Computer Name = Tanja-VAIO | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         

Code:
GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-01-30 22:45:04
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AC1 465,76GB
Running: gmer_2.0.18454.exe; Driver: C:\Users\Tanja\AppData\Local\Temp\ugtyrpow.sys


---- User code sections - GMER 2.0 ----

.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                 0000000077a21401 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                   0000000077a21419 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                 0000000077a21431 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                 0000000077a2144a 2 bytes [A2, 77]
.text  ...                                                                                                                                                     * 9
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                    0000000077a214dd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                             0000000077a214f5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                    0000000077a2150d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                             0000000077a21525 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                   0000000077a2153d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                        0000000077a21555 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                 0000000077a2156d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                   0000000077a21585 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                      0000000077a2159d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                   0000000077a215b5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                 0000000077a215cd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                             0000000077a216b2 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe[2740] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                             0000000077a216bd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      0000000077a21401 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        0000000077a21419 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      0000000077a21431 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      0000000077a2144a 2 bytes [A2, 77]
.text  ...                                                                                                                                                     * 9
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         0000000077a214dd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  0000000077a214f5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         0000000077a2150d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  0000000077a21525 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        0000000077a2153d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             0000000077a21555 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      0000000077a2156d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        0000000077a21585 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           0000000077a2159d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        0000000077a215b5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      0000000077a215cd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  0000000077a216b2 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe[2784] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  0000000077a216bd 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                    0000000077a21401 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                      0000000077a21419 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                    0000000077a21431 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                    0000000077a2144a 2 bytes [A2, 77]
.text  ...                                                                                                                                                     * 9
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                       0000000077a214dd 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                0000000077a214f5 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                       0000000077a2150d 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                0000000077a21525 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                      0000000077a2153d 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                           0000000077a21555 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                    0000000077a2156d 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                      0000000077a21585 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                         0000000077a2159d 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                      0000000077a215b5 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                    0000000077a215cd 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                0000000077a216b2 2 bytes [A2, 77]
.text  C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe[2824] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                0000000077a216bd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                     0000000077a21401 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                       0000000077a21419 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                     0000000077a21431 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                     0000000077a2144a 2 bytes [A2, 77]
.text  ...                                                                                                                                                     * 9
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                        0000000077a214dd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                 0000000077a214f5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                        0000000077a2150d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                 0000000077a21525 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                       0000000077a2153d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                            0000000077a21555 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                     0000000077a2156d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                       0000000077a21585 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                          0000000077a2159d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                       0000000077a215b5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                     0000000077a215cd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                 0000000077a216b2 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\concentr.exe[3512] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                 0000000077a216bd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                              0000000077a21401 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                0000000077a21419 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                              0000000077a21431 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                              0000000077a2144a 2 bytes [A2, 77]
.text  ...                                                                                                                                                     * 9
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                 0000000077a214dd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                          0000000077a214f5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                 0000000077a2150d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                          0000000077a21525 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                0000000077a2153d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                     0000000077a21555 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                              0000000077a2156d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                0000000077a21585 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                   0000000077a2159d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                0000000077a215b5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                              0000000077a215cd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                          0000000077a216b2 2 bytes [A2, 77]
.text  C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe[3664] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                          0000000077a216bd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                            0000000077a21401 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                              0000000077a21419 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                            0000000077a21431 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                            0000000077a2144a 2 bytes [A2, 77]
.text  ...                                                                                                                                                     * 9
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                               0000000077a214dd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                        0000000077a214f5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                               0000000077a2150d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                        0000000077a21525 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                              0000000077a2153d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                   0000000077a21555 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                            0000000077a2156d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                              0000000077a21585 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                 0000000077a2159d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                              0000000077a215b5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                            0000000077a215cd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                        0000000077a216b2 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe[1328] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                        0000000077a216bd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                     0000000077a21401 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                       0000000077a21419 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                     0000000077a21431 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                     0000000077a2144a 2 bytes [A2, 77]
.text  ...                                                                                                                                                     * 9
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                        0000000077a214dd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                 0000000077a214f5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                        0000000077a2150d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                 0000000077a21525 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                       0000000077a2153d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                            0000000077a21555 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                     0000000077a2156d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                       0000000077a21585 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                          0000000077a2159d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                       0000000077a215b5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                     0000000077a215cd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                 0000000077a216b2 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe[1932] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                 0000000077a216bd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                     0000000077a21401 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                       0000000077a21419 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                     0000000077a21431 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                     0000000077a2144a 2 bytes [A2, 77]
.text  ...                                                                                                                                                     * 9
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                        0000000077a214dd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                 0000000077a214f5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                        0000000077a2150d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                 0000000077a21525 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                       0000000077a2153d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                            0000000077a21555 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                     0000000077a2156d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                       0000000077a21585 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                          0000000077a2159d 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                       0000000077a215b5 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                     0000000077a215cd 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                 0000000077a216b2 2 bytes [A2, 77]
.text  C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe[4360] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                 0000000077a216bd 2 bytes [A2, 77]

---- Registry - GMER 2.0 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0017fad003c6                                                                             
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076d49816                                                                             
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbdf9141                                                                             
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbdf9141@0021d178e4fc                                                                0xC8 0x4F 0x0B 0xE4 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbdf9141@80501b202d02                                                                0x19 0xC3 0x55 0xED ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbdf9141@a826d92ef36b                                                                0x64 0x6A 0xE4 0xAB ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbdf9141@ec55f9cf9b33                                                                0x1B 0xA4 0x25 0xF8 ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0017fad003c6 (not active ControlSet)                                                         
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076d49816 (not active ControlSet)                                                         
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbdf9141 (not active ControlSet)                                                         
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbdf9141@0021d178e4fc                                                                    0xC8 0x4F 0x0B 0xE4 ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbdf9141@80501b202d02                                                                    0x19 0xC3 0x55 0xED ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbdf9141@a826d92ef36b                                                                    0x64 0x6A 0xE4 0xAB ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbdf9141@ec55f9cf9b33                                                                    0x1B 0xA4 0x25 0xF8 ...

---- EOF - GMER 2.0 ----
         

01.02.2013, 10:13   #4
cosinus

Malwarebytes Anti-Rootkit

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Extract the archive to your desktop.
  • In the newly created folder, start mbar.exe.
  • Follow the on-screen instructions and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the created folder. Please post it here.

Do not start any other file in this folder without instructions from a helper.

01.02.2013, 13:39   #5
Tanija

Apparently nothing was found:
Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org

Database version: v2013.02.01.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Tanja :: TANJA-VAIO [administrator]

01.02.2013 14:17:02
mbar-log-2013-02-01 (14-17-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30302
Time elapsed: 10 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Um, before I posted here I had Avira run a scan. Something was moved to quarantine then, too. But the TrojanDownloader message was still there afterwards. I don't know whether it belongs here, but here is the report as well:
Code:
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 29. Januar 2013  09:20

Es wird nach 4883591 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 7 Home Premium
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : TANJA-VAIO

Versionsinformationen:
BUILD.DAT      : 12.1.9.1236    40872 Bytes  11.10.2012 15:29:00
AVSCAN.EXE     : 12.3.0.48     468256 Bytes  16.11.2012 12:45:31
AVSCAN.DLL     : 12.3.0.15      66256 Bytes  18.07.2012 16:04:38
LUKE.DLL       : 12.3.0.15      68304 Bytes  18.07.2012 16:04:31
AVSCPLR.DLL    : 12.3.0.27      97064 Bytes  18.07.2012 16:04:24
AVREG.DLL      : 12.3.0.33     232232 Bytes  18.07.2012 16:04:23
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 18:18:34
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  14.12.2010 23:22:12
VBASE002.VDF   : 7.11.19.170 14374912 Bytes  20.12.2011 23:31:36
VBASE003.VDF   : 7.11.21.238  4472832 Bytes  01.02.2012 09:58:50
VBASE004.VDF   : 7.11.26.44   4329472 Bytes  28.03.2012 22:37:35
VBASE005.VDF   : 7.11.34.116  4034048 Bytes  29.06.2012 16:04:37
VBASE006.VDF   : 7.11.41.250  4902400 Bytes  06.09.2012 13:41:22
VBASE007.VDF   : 7.11.50.230  3904512 Bytes  22.11.2012 15:51:40
VBASE008.VDF   : 7.11.55.142  2214912 Bytes  03.01.2013 13:50:58
VBASE009.VDF   : 7.11.55.143     2048 Bytes  03.01.2013 13:50:58
VBASE010.VDF   : 7.11.55.144     2048 Bytes  03.01.2013 13:50:58
VBASE011.VDF   : 7.11.55.145     2048 Bytes  03.01.2013 13:50:59
VBASE012.VDF   : 7.11.55.146     2048 Bytes  03.01.2013 13:50:59
VBASE013.VDF   : 7.11.55.196   260096 Bytes  04.01.2013 13:50:59
VBASE014.VDF   : 7.11.56.23    206848 Bytes  07.01.2013 11:45:25
VBASE015.VDF   : 7.11.56.83    186880 Bytes  08.01.2013 11:45:30
VBASE016.VDF   : 7.11.56.145   135168 Bytes  09.01.2013 09:55:36
VBASE017.VDF   : 7.11.56.211   139776 Bytes  11.01.2013 16:08:56
VBASE018.VDF   : 7.11.57.11    153088 Bytes  13.01.2013 18:25:30
VBASE019.VDF   : 7.11.57.75    165888 Bytes  15.01.2013 16:24:05
VBASE020.VDF   : 7.11.57.163   190976 Bytes  17.01.2013 16:24:06
VBASE021.VDF   : 7.11.57.219   119808 Bytes  18.01.2013 13:30:38
VBASE022.VDF   : 7.11.58.7     167936 Bytes  21.01.2013 13:30:41
VBASE023.VDF   : 7.11.58.49    140288 Bytes  22.01.2013 14:39:37
VBASE024.VDF   : 7.11.58.119   137728 Bytes  24.01.2013 14:39:38
VBASE025.VDF   : 7.11.58.175   132608 Bytes  25.01.2013 16:18:34
VBASE026.VDF   : 7.11.58.213   116736 Bytes  27.01.2013 21:56:03
VBASE027.VDF   : 7.11.58.236  1738752 Bytes  28.01.2013 21:56:03
VBASE028.VDF   : 7.11.58.237     2048 Bytes  28.01.2013 21:56:04
VBASE029.VDF   : 7.11.58.238     2048 Bytes  28.01.2013 21:56:04
VBASE030.VDF   : 7.11.58.239     2048 Bytes  28.01.2013 21:56:04
VBASE031.VDF   : 7.11.58.248    31744 Bytes  28.01.2013 21:56:04
Engineversion  : 8.2.10.238
AEVDF.DLL      : 8.1.2.10      102772 Bytes  02.08.2012 09:25:23
AESCRIPT.DLL   : 8.1.4.84      467322 Bytes  24.01.2013 14:39:47
AESCN.DLL      : 8.1.10.0      131445 Bytes  13.12.2012 15:08:35
AESBX.DLL      : 8.2.5.12      606578 Bytes  18.07.2012 16:04:20
AERDL.DLL      : 8.2.0.88      643444 Bytes  11.01.2013 09:55:47
AEPACK.DLL     : 8.3.1.2       819574 Bytes  21.12.2012 12:24:05
AEOFFICE.DLL   : 8.1.2.50      201084 Bytes  05.11.2012 15:47:13
AEHEUR.DLL     : 8.1.4.182    5706104 Bytes  24.01.2013 14:39:46
AEHELP.DLL     : 8.1.25.2      258423 Bytes  12.10.2012 13:37:10
AEGEN.DLL      : 8.1.6.16      434549 Bytes  24.01.2013 14:39:39
AEEXP.DLL      : 8.3.0.14      188788 Bytes  24.01.2013 14:39:47
AEEMU.DLL      : 8.1.3.2       393587 Bytes  02.08.2012 09:25:14
AECORE.DLL     : 8.1.30.0      201079 Bytes  13.12.2012 15:08:33
AEBB.DLL       : 8.1.1.4        53619 Bytes  05.11.2012 15:47:04
AVWINLL.DLL    : 12.3.0.15      27344 Bytes  18.07.2012 16:04:25
AVPREF.DLL     : 12.3.0.32      50720 Bytes  16.11.2012 12:45:30
AVREP.DLL      : 12.3.0.15     179208 Bytes  18.07.2012 16:04:23
AVARKT.DLL     : 12.3.0.33     209696 Bytes  16.11.2012 12:45:29
AVEVTLOG.DLL   : 12.3.0.15     169168 Bytes  18.07.2012 16:04:22
SQLITE3.DLL    : 3.7.0.1       398288 Bytes  18.07.2012 16:04:34
AVSMTP.DLL     : 12.3.0.32      63480 Bytes  18.07.2012 16:04:24
NETNT.DLL      : 12.3.0.15      17104 Bytes  18.07.2012 16:04:31
RCIMAGE.DLL    : 12.3.0.31    4444408 Bytes  18.07.2012 16:04:41
RCTEXT.DLL     : 12.3.0.32      98848 Bytes  16.11.2012 12:45:17

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +PFS,

Beginn des Suchlaufs: Dienstag, 29. Januar 2013  09:20

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD1
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD2
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'listener.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'iviRegMgr.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'wfcrun32.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'SelfServicePlugin.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'Receiver.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'concentr.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'CNMNSUT.EXE' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'ElbServer.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAAnotif.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHCImp.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAANTMon.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHPlMgr.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHDs.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHDms.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'VzCdbSvc.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'VcmIAlzMgr.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCFw.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'uCamMonitor.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHDBSvr.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'PsiService_2.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBDeviceInfoProvider.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleUpdate.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '42' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1355' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Users\Tanja\AppData\Local\Temp\jar_cache3342788618231897045.tmp
  [0] Archivtyp: ZIP
  --> avpmfsym/acsyab.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Themod.ES
  --> avpmfsym/bptfrr.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Themod.ET
  --> avpmfsym/hrhwjrdgtuabrq.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Karamel.BQ
  --> avpmfsym/pntkmfgpqthk.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Lamar.RJ
  --> avpmfsym/qfkwegsfeackrwlgnswjnffs.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Dermit.GG
  --> avpmfsym/rryjdtbufw.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Themod.EU
  --> avpmfsym/sjedv.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Lamar.RK
  --> avpmfsym/vclscmurstlrcefumaftw.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Themod.EV
  --> avpmfsym/vwsvyuwcktdldbrfjr.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Treams.JJ
  --> avpmfsym/wsjvnvnbthq.class
      [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Lamar.RL

Beginne mit der Desinfektion:
C:\Users\Tanja\AppData\Local\Temp\jar_cache3342788618231897045.tmp
  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Lamar.RL
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56f603b7.qua' verschoben!


Ende des Suchlaufs: Dienstag, 29. Januar 2013  11:14
Benötigte Zeit:  1:50:55 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  46771 Verzeichnisse wurden überprüft
 564901 Dateien wurden geprüft
     10 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 564891 Dateien ohne Befall
   4419 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise
 744056 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         


01.02.2013, 14:33   #6
cosinus

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive on the TDSS tool!

Set up the tool as shown in the picture below: click change parameters and tick the boxes as shown in the following screenshot,
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you can't find the log or can't copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please don't delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!


01.02.2013, 15:08   #7
Tanija

The log seems to be too long... I'll split it
Code:
15:59:05.0528 6632  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:59:05.0887 6632  ============================================================
15:59:05.0887 6632  Current date / time: 2013/02/01 15:59:05.0887
15:59:05.0887 6632  SystemInfo:
15:59:05.0887 6632  
15:59:05.0887 6632  OS Version: 6.1.7601 ServicePack: 1.0
15:59:05.0887 6632  Product type: Workstation
15:59:05.0887 6632  ComputerName: TANJA-VAIO
15:59:05.0887 6632  UserName: Tanja
15:59:05.0887 6632  Windows directory: C:\Windows
15:59:05.0887 6632  System windows directory: C:\Windows
15:59:05.0887 6632  Running under WOW64
15:59:05.0887 6632  Processor architecture: Intel x64
15:59:05.0887 6632  Number of processors: 4
15:59:05.0887 6632  Page size: 0x1000
15:59:05.0887 6632  Boot type: Normal boot
15:59:05.0887 6632  ============================================================
15:59:06.0293 6632  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:59:06.0293 6632  ============================================================
15:59:06.0293 6632  \Device\Harddisk0\DR0:
15:59:06.0293 6632  MBR partitions:
15:59:06.0293 6632  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x155E000, BlocksNum 0x32000
15:59:06.0293 6632  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1590000, BlocksNum 0x38DF5830
15:59:06.0293 6632  ============================================================
15:59:06.0355 6632  C: <-> \Device\Harddisk0\DR0\Partition2
15:59:06.0355 6632  ============================================================
15:59:06.0355 6632  Initialize success
15:59:06.0355 6632  ============================================================
15:59:19.0459 1164  ============================================================
15:59:19.0459 1164  Scan started
15:59:19.0459 1164  Mode: Manual; 
15:59:19.0459 1164  ============================================================
15:59:19.0787 1164  ================ Scan system memory ========================
15:59:19.0787 1164  System memory - ok
15:59:19.0787 1164  ================ Scan services =============================
15:59:19.0989 1164  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:59:19.0989 1164  1394ohci - ok
15:59:20.0099 1164  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:59:20.0099 1164  ACDaemon - ok
15:59:20.0145 1164  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:59:20.0145 1164  ACPI - ok
15:59:20.0177 1164  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:59:20.0177 1164  AcpiPmi - ok
15:59:20.0223 1164  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:59:20.0223 1164  adp94xx - ok
15:59:20.0255 1164  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:59:20.0270 1164  adpahci - ok
15:59:20.0286 1164  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:59:20.0286 1164  adpu320 - ok
15:59:20.0348 1164  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:59:20.0348 1164  AeLookupSvc - ok
15:59:20.0411 1164  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
15:59:20.0411 1164  AFD - ok
15:59:20.0457 1164  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:59:20.0457 1164  agp440 - ok
15:59:20.0489 1164  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:59:20.0489 1164  ALG - ok
15:59:20.0535 1164  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:59:20.0535 1164  aliide - ok
15:59:20.0598 1164  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:59:20.0598 1164  amdide - ok
15:59:20.0629 1164  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:59:20.0629 1164  AmdK8 - ok
15:59:20.0660 1164  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:59:20.0660 1164  AmdPPM - ok
15:59:20.0691 1164  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:59:20.0691 1164  amdsata - ok
15:59:20.0738 1164  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:59:20.0738 1164  amdsbs - ok
15:59:20.0754 1164  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:59:20.0754 1164  amdxata - ok
15:59:20.0847 1164  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:59:20.0847 1164  AntiVirSchedulerService - ok
15:59:20.0879 1164  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:59:20.0879 1164  AntiVirService - ok
15:59:20.0941 1164  [ 1661F9C9E4B0049FA0A5E30264375A87 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
15:59:20.0941 1164  ApfiltrService - ok
15:59:21.0035 1164  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
15:59:21.0035 1164  AppID - ok
15:59:21.0066 1164  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:59:21.0081 1164  AppIDSvc - ok
15:59:21.0128 1164  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
15:59:21.0128 1164  Appinfo - ok
15:59:21.0191 1164  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
15:59:21.0191 1164  arc - ok
15:59:21.0191 1164  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:59:21.0191 1164  arcsas - ok
15:59:21.0253 1164  [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:59:21.0253 1164  ArcSoftKsUFilter - ok
15:59:21.0284 1164  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:59:21.0284 1164  AsyncMac - ok
15:59:21.0331 1164  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:59:21.0331 1164  atapi - ok
15:59:21.0393 1164  [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:59:21.0409 1164  athr - ok
15:59:21.0487 1164  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:59:21.0487 1164  AudioEndpointBuilder - ok
15:59:21.0503 1164  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:59:21.0503 1164  AudioSrv - ok
15:59:21.0596 1164  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:59:21.0612 1164  avgntflt - ok
15:59:21.0659 1164  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:59:21.0659 1164  avipbb - ok
15:59:21.0690 1164  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:59:21.0690 1164  avkmgr - ok
15:59:21.0799 1164  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:59:21.0815 1164  AxInstSV - ok
15:59:21.0846 1164  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:59:21.0861 1164  b06bdrv - ok
15:59:21.0924 1164  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:59:21.0924 1164  b57nd60a - ok
15:59:22.0017 1164  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:59:22.0017 1164  BDESVC - ok
15:59:22.0049 1164  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:59:22.0049 1164  Beep - ok
15:59:22.0111 1164  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
15:59:22.0111 1164  BFE - ok
15:59:22.0173 1164  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
15:59:22.0173 1164  BITS - ok
15:59:22.0220 1164  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:59:22.0220 1164  blbdrive - ok
15:59:22.0267 1164  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:59:22.0267 1164  bowser - ok
15:59:22.0361 1164  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:59:22.0361 1164  BrFiltLo - ok
15:59:22.0361 1164  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:59:22.0361 1164  BrFiltUp - ok
15:59:22.0407 1164  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
15:59:22.0407 1164  Browser - ok
15:59:22.0423 1164  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:59:22.0423 1164  Brserid - ok
15:59:22.0439 1164  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:59:22.0454 1164  BrSerWdm - ok
15:59:22.0470 1164  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:59:22.0470 1164  BrUsbMdm - ok
15:59:22.0485 1164  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:59:22.0485 1164  BrUsbSer - ok
15:59:22.0548 1164  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:59:22.0548 1164  BthEnum - ok
15:59:22.0563 1164  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:59:22.0563 1164  BTHMODEM - ok
15:59:22.0579 1164  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:59:22.0579 1164  BthPan - ok
15:59:22.0657 1164  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:59:22.0657 1164  BTHPORT - ok
15:59:22.0704 1164  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:59:22.0704 1164  bthserv - ok
15:59:22.0719 1164  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:59:22.0719 1164  BTHUSB - ok
15:59:22.0751 1164  [ 6E04458E98DAF28826482E41A7A62DF5 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
15:59:22.0751 1164  btusbflt - ok
15:59:22.0797 1164  [ 4BDBDB86ABBA924E029FB2683BE7C505 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
15:59:22.0797 1164  btwaudio - ok
15:59:22.0829 1164  [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
15:59:22.0829 1164  btwavdt - ok
15:59:22.0938 1164  [ 31DA517946FFE416442E864592548F8A ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:59:22.0953 1164  btwdins - ok
15:59:22.0969 1164  [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
15:59:22.0969 1164  btwl2cap - ok
15:59:22.0985 1164  [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
15:59:22.0985 1164  btwrchid - ok
15:59:23.0016 1164  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:59:23.0016 1164  cdfs - ok
15:59:23.0078 1164  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
15:59:23.0078 1164  cdrom - ok
15:59:23.0125 1164  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:59:23.0125 1164  CertPropSvc - ok
15:59:23.0156 1164  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
15:59:23.0156 1164  circlass - ok
15:59:23.0203 1164  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:59:23.0203 1164  CLFS - ok
15:59:23.0281 1164  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:59:23.0281 1164  clr_optimization_v2.0.50727_32 - ok
15:59:23.0343 1164  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:59:23.0359 1164  clr_optimization_v2.0.50727_64 - ok
15:59:23.0437 1164  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:59:23.0437 1164  clr_optimization_v4.0.30319_32 - ok
15:59:23.0468 1164  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:59:23.0484 1164  clr_optimization_v4.0.30319_64 - ok
15:59:23.0515 1164  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:59:23.0515 1164  CmBatt - ok
15:59:23.0531 1164  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:59:23.0531 1164  cmdide - ok
15:59:23.0593 1164  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
15:59:23.0593 1164  CNG - ok
15:59:23.0640 1164  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:59:23.0640 1164  Compbatt - ok
15:59:23.0687 1164  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:59:23.0687 1164  CompositeBus - ok
15:59:23.0702 1164  COMSysApp - ok
15:59:23.0718 1164  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:59:23.0718 1164  crcdisk - ok
15:59:23.0765 1164  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:59:23.0765 1164  CryptSvc - ok
15:59:23.0811 1164  [ F02D7FD231AF76C69A8F09C619DEE384 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
15:59:23.0811 1164  ctxusbm - ok
15:59:23.0874 1164  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:59:23.0874 1164  DcomLaunch - ok
15:59:23.0905 1164  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:59:23.0921 1164  defragsvc - ok
15:59:23.0999 1164  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:59:23.0999 1164  DfsC - ok
15:59:24.0030 1164  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:59:24.0030 1164  Dhcp - ok
15:59:24.0077 1164  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:59:24.0077 1164  discache - ok
15:59:24.0108 1164  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
15:59:24.0108 1164  Disk - ok
15:59:24.0170 1164  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:59:24.0170 1164  Dnscache - ok
15:59:24.0233 1164  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:59:24.0233 1164  dot3svc - ok
15:59:24.0279 1164  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:59:24.0279 1164  DPS - ok
15:59:24.0295 1164  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:59:24.0295 1164  drmkaud - ok
15:59:24.0357 1164  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:59:24.0357 1164  DXGKrnl - ok
15:59:24.0389 1164  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:59:24.0389 1164  EapHost - ok
15:59:24.0482 1164  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:59:24.0513 1164  ebdrv - ok
15:59:24.0560 1164  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:59:24.0560 1164  EFS - ok
15:59:24.0654 1164  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:59:24.0654 1164  ehRecvr - ok
15:59:24.0685 1164  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:59:24.0685 1164  ehSched - ok
15:59:24.0732 1164  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:59:24.0747 1164  elxstor - ok
15:59:24.0779 1164  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:59:24.0779 1164  ErrDev - ok
15:59:24.0841 1164  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:59:24.0857 1164  EventSystem - ok
15:59:24.0950 1164  [ 51643EE2712D9212E1E53CA7E8D8EB4A ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:59:24.0966 1164  EvtEng - ok
15:59:24.0997 1164  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:59:24.0997 1164  exfat - ok
15:59:25.0028 1164  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:59:25.0028 1164  fastfat - ok
15:59:25.0091 1164  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:59:25.0091 1164  Fax - ok
15:59:25.0122 1164  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
15:59:25.0122 1164  fdc - ok
15:59:25.0137 1164  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:59:25.0153 1164  fdPHost - ok
15:59:25.0153 1164  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:59:25.0153 1164  FDResPub - ok
15:59:25.0169 1164  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:59:25.0169 1164  FileInfo - ok
15:59:25.0184 1164  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:59:25.0184 1164  Filetrace - ok
15:59:25.0200 1164  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:59:25.0200 1164  flpydisk - ok
15:59:25.0231 1164  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:59:25.0231 1164  FltMgr - ok
15:59:25.0293 1164  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
15:59:25.0309 1164  FontCache - ok
15:59:25.0371 1164  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:59:25.0371 1164  FontCache3.0.0.0 - ok
15:59:25.0403 1164  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:59:25.0403 1164  FsDepends - ok
15:59:25.0434 1164  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:59:25.0434 1164  Fs_Rec - ok
15:59:25.0496 1164  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:59:25.0496 1164  fvevol - ok
15:59:25.0527 1164  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:59:25.0543 1164  gagp30kx - ok
15:59:25.0574 1164  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:59:25.0590 1164  gpsvc - ok
15:59:25.0637 1164  [ 626A24ED1228580B9518C01930936DF9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:59:25.0637 1164  gupdate - ok
15:59:25.0652 1164  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:59:25.0652 1164  hcw85cir - ok
15:59:25.0715 1164  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:59:25.0715 1164  HdAudAddService - ok
15:59:25.0746 1164  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:59:25.0746 1164  HDAudBus - ok
15:59:25.0777 1164  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:59:25.0777 1164  HidBatt - ok
15:59:25.0793 1164  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:59:25.0808 1164  HidBth - ok
15:59:25.0824 1164  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:59:25.0839 1164  HidIr - ok
15:59:25.0855 1164  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
15:59:25.0855 1164  hidserv - ok
15:59:25.0933 1164  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:59:25.0933 1164  HidUsb - ok
15:59:25.0995 1164  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:59:25.0995 1164  hkmsvc - ok
15:59:26.0042 1164  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:59:26.0058 1164  HomeGroupListener - ok
15:59:26.0120 1164  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:59:26.0120 1164  HomeGroupProvider - ok
15:59:26.0183 1164  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:59:26.0183 1164  HpSAMD - ok
15:59:26.0245 1164  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:59:26.0245 1164  HTTP - ok
15:59:26.0292 1164  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:59:26.0292 1164  hwpolicy - ok
15:59:26.0354 1164  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:59:26.0354 1164  i8042prt - ok
15:59:26.0401 1164  [ 660BF3255A1EB18ED803FD2FBA6AE400 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:59:26.0417 1164  IAANTMON - ok
15:59:26.0448 1164  [ BE7D72FCF442C26975942007E0831241 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
15:59:26.0448 1164  iaStor - ok
15:59:26.0495 1164  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:59:26.0495 1164  iaStorV - ok
15:59:26.0604 1164  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:59:26.0619 1164  idsvc - ok
15:59:26.0651 1164  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:59:26.0651 1164  iirsp - ok
15:59:26.0713 1164  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:59:26.0713 1164  IKEEXT - ok
15:59:26.0775 1164  [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
15:59:26.0775 1164  Impcd - ok
15:59:26.0869 1164  [ 2E3B99E8C23BE2BF32EBE1DB5261F275 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:59:26.0885 1164  IntcAzAudAddService - ok
15:59:26.0947 1164  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:59:26.0947 1164  intelide - ok
15:59:26.0978 1164  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
15:59:26.0994 1164  intelppm - ok
15:59:27.0009 1164  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:59:27.0009 1164  IPBusEnum - ok
15:59:27.0072 1164  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:59:27.0072 1164  IpFilterDriver - ok
15:59:27.0119 1164  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:59:27.0134 1164  iphlpsvc - ok
15:59:27.0181 1164  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:59:27.0181 1164  IPMIDRV - ok
15:59:27.0197 1164  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:59:27.0197 1164  IPNAT - ok
15:59:27.0228 1164  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:59:27.0228 1164  IRENUM - ok
15:59:27.0275 1164  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:59:27.0275 1164  isapnp - ok
15:59:27.0290 1164  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:59:27.0290 1164  iScsiPrt - ok
15:59:27.0337 1164  [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:59:27.0337 1164  IviRegMgr - ok
15:59:27.0368 1164  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:59:27.0368 1164  kbdclass - ok
15:59:27.0431 1164  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:59:27.0431 1164  kbdhid - ok
15:59:27.0446 1164  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:59:27.0462 1164  KeyIso - ok
15:59:27.0509 1164  [ 322CD7A01A961D94C6EAB640D6427504 ] KOBCCEX         C:\Windows\system32\drivers\KOBCCEX.sys
15:59:27.0524 1164  KOBCCEX - ok
15:59:27.0555 1164  [ 000200AD75DE8363546EECAFF77980FE ] KOBCCID         C:\Windows\system32\drivers\KOBCCID.sys
15:59:27.0555 1164  KOBCCID - ok
15:59:27.0618 1164  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:59:27.0618 1164  KSecDD - ok
15:59:27.0649 1164  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:59:27.0665 1164  KSecPkg - ok
15:59:27.0696 1164  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:59:27.0696 1164  ksthunk - ok
15:59:27.0743 1164  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:59:27.0743 1164  KtmRm - ok
15:59:27.0805 1164  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:59:27.0805 1164  LanmanServer - ok
15:59:27.0852 1164  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:59:27.0867 1164  LanmanWorkstation - ok
15:59:27.0930 1164  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:59:27.0930 1164  lltdio - ok
15:59:27.0945 1164  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:59:27.0961 1164  lltdsvc - ok
15:59:27.0977 1164  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:59:27.0977 1164  lmhosts - ok
15:59:28.0023 1164  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:59:28.0023 1164  LSI_FC - ok
15:59:28.0039 1164  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:59:28.0039 1164  LSI_SAS - ok
15:59:28.0055 1164  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:59:28.0055 1164  LSI_SAS2 - ok
15:59:28.0070 1164  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:59:28.0070 1164  LSI_SCSI - ok
15:59:28.0117 1164  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:59:28.0117 1164  luafv - ok
15:59:28.0164 1164  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:59:28.0164 1164  Mcx2Svc - ok
15:59:28.0179 1164  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:59:28.0179 1164  megasas - ok
15:59:28.0195 1164  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:59:28.0195 1164  MegaSR - ok
15:59:28.0226 1164  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:59:28.0226 1164  MMCSS - ok
15:59:28.0242 1164  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:59:28.0242 1164  Modem - ok
15:59:28.0257 1164  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:59:28.0257 1164  monitor - ok
15:59:28.0320 1164  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:59:28.0320 1164  mouclass - ok
15:59:28.0382 1164  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:59:28.0382 1164  mouhid - ok
15:59:28.0429 1164  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:59:28.0429 1164  mountmgr - ok
15:59:28.0507 1164  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:59:28.0507 1164  MozillaMaintenance - ok
15:59:28.0554 1164  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:59:28.0554 1164  mpio - ok
15:59:28.0569 1164  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:59:28.0569 1164  mpsdrv - ok
15:59:28.0632 1164  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:59:28.0632 1164  MpsSvc - ok
15:59:28.0694 1164  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:59:28.0694 1164  MRxDAV - ok
15:59:28.0741 1164  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:59:28.0741 1164  mrxsmb - ok
15:59:28.0788 1164  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:59:28.0788 1164  mrxsmb10 - ok
15:59:28.0819 1164  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:59:28.0819 1164  mrxsmb20 - ok
15:59:28.0835 1164  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:59:28.0835 1164  msahci - ok
15:59:28.0850 1164  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:59:28.0850 1164  msdsm - ok
15:59:28.0881 1164  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:59:28.0881 1164  MSDTC - ok
15:59:28.0928 1164  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:59:28.0928 1164  Msfs - ok
15:59:28.0944 1164  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:59:28.0944 1164  mshidkmdf - ok
15:59:28.0991 1164  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:59:28.0991 1164  msisadrv - ok
15:59:29.0037 1164  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:59:29.0037 1164  MSiSCSI - ok
15:59:29.0037 1164  msiserver - ok
15:59:29.0069 1164  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:59:29.0069 1164  MSKSSRV - ok
15:59:29.0084 1164  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:59:29.0084 1164  MSPCLOCK - ok
15:59:29.0115 1164  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:59:29.0115 1164  MSPQM - ok
15:59:29.0147 1164  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:59:29.0162 1164  MsRPC - ok
15:59:29.0178 1164  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:59:29.0178 1164  mssmbios - ok
15:59:29.0209 1164  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:59:29.0209 1164  MSTEE - ok
15:59:29.0225 1164  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:59:29.0225 1164  MTConfig - ok
15:59:29.0256 1164  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:59:29.0256 1164  Mup - ok
15:59:29.0303 1164  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:59:29.0318 1164  napagent - ok
15:59:29.0365 1164  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:59:29.0365 1164  NativeWifiP - ok
15:59:29.0427 1164  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:59:29.0443 1164  NDIS - ok
15:59:29.0459 1164  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:59:29.0459 1164  NdisCap - ok
15:59:29.0505 1164  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:59:29.0505 1164  NdisTapi - ok
15:59:29.0552 1164  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:59:29.0552 1164  Ndisuio - ok
15:59:29.0599 1164  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:59:29.0599 1164  NdisWan - ok
15:59:29.0646 1164  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:59:29.0646 1164  NDProxy - ok
15:59:29.0677 1164  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:59:29.0677 1164  NetBIOS - ok
15:59:29.0724 1164  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:59:29.0739 1164  NetBT - ok
15:59:29.0755 1164  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:59:29.0755 1164  Netlogon - ok
15:59:29.0817 1164  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:59:29.0817 1164  Netman - ok
15:59:29.0833 1164  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:59:29.0849 1164  netprofm - ok
15:59:29.0880 1164  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:59:29.0895 1164  NetTcpPortSharing - ok
15:59:30.0036 1164  [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
15:59:30.0161 1164  NETw5s64 - ok
15:59:30.0192 1164  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:59:30.0192 1164  nfrd960 - ok
15:59:30.0270 1164  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:59:30.0270 1164  NlaSvc - ok
15:59:30.0285 1164  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:59:30.0285 1164  Npfs - ok
15:59:30.0317 1164  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:59:30.0317 1164  nsi - ok
15:59:30.0317 1164  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:59:30.0332 1164  nsiproxy - ok
15:59:30.0395 1164  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:59:30.0410 1164  Ntfs - ok
15:59:30.0426 1164  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:59:30.0426 1164  Null - ok
15:59:30.0488 1164  [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:59:30.0488 1164  NVHDA - ok
15:59:30.0707 1164  [ CA8447574E9DAE22250C723819D3EF96 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:59:30.0925 1164  nvlddmkm - ok
15:59:30.0956 1164  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:59:30.0956 1164  nvraid - ok
15:59:30.0987 1164  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:59:30.0987 1164  nvstor - ok
15:59:31.0034 1164  [ AD1E49BCEB5D446A271C43BFA8FD71D2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:59:31.0034 1164  nvsvc - ok
15:59:31.0065 1164  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:59:31.0065 1164  nv_agp - ok
15:59:31.0112 1164  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:59:31.0112 1164  ohci1394 - ok
15:59:31.0190 1164  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:59:31.0190 1164  ose - ok
15:59:31.0346 1164  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:59:31.0424 1164  osppsvc - ok
15:59:31.0487 1164  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:59:31.0487 1164  p2pimsvc - ok
15:59:31.0518 1164  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:59:31.0518 1164  p2psvc - ok
15:59:31.0549 1164  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
15:59:31.0549 1164  Parport - ok
15:59:31.0580 1164  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:59:31.0580 1164  partmgr - ok
15:59:31.0611 1164  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:59:31.0611 1164  PcaSvc - ok
15:59:31.0658 1164  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:59:31.0674 1164  pci - ok
15:59:31.0705 1164  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:59:31.0705 1164  pciide - ok
15:59:31.0736 1164  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:59:31.0736 1164  pcmcia - ok
15:59:31.0752 1164  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:59:31.0752 1164  pcw - ok
15:59:31.0767 1164  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:59:31.0783 1164  PEAUTH - ok
15:59:31.0861 1164  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:59:31.0861 1164  PerfHost - ok
15:59:31.0939 1164  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:59:31.0955 1164  pla - ok
15:59:32.0001 1164  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:59:32.0001 1164  PlugPlay - ok
15:59:32.0111 1164  [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:59:32.0111 1164  PMBDeviceInfoProvider - ok
15:59:32.0126 1164  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:59:32.0142 1164  PNRPAutoReg - ok
15:59:32.0157 1164  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:59:32.0157 1164  PNRPsvc - ok
15:59:32.0204 1164  [ B8D8EC78B0F9ED8E220506181274F3D3 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
15:59:32.0204 1164  Point64 - ok
15:59:32.0251 1164  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:59:32.0251 1164  PolicyAgent - ok
15:59:32.0298 1164  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:59:32.0298 1164  Power - ok
15:59:32.0360 1164  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:59:32.0360 1164  PptpMiniport - ok
15:59:32.0376 1164  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
15:59:32.0376 1164  Processor - ok
15:59:32.0438 1164  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:59:32.0438 1164  ProfSvc - ok
15:59:32.0454 1164  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:59:32.0454 1164  ProtectedStorage - ok
15:59:32.0516 1164  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:59:32.0516 1164  Psched - ok
15:59:32.0547 1164  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:59:32.0547 1164  PSI_SVC_2 - ok
15:59:32.0579 1164  [ AED797CCA02783296C68AA10D0CFF8A9 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:59:32.0579 1164  PxHlpa64 - ok
15:59:32.0625 1164  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:59:32.0641 1164  ql2300 - ok
15:59:32.0672 1164  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:59:32.0672 1164  ql40xx - ok
15:59:32.0719 1164  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:59:32.0719 1164  QWAVE - ok
15:59:32.0735 1164  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:59:32.0735 1164  QWAVEdrv - ok
15:59:32.0766 1164  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:59:32.0766 1164  RasAcd - ok
15:59:32.0797 1164  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:59:32.0797 1164  RasAgileVpn - ok
15:59:32.0813 1164  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:59:32.0813 1164  RasAuto - ok
15:59:32.0859 1164  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:59:32.0859 1164  Rasl2tp - ok
15:59:32.0906 1164  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:59:32.0906 1164  RasMan - ok
15:59:32.0937 1164  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:59:32.0937 1164  RasPppoe - ok
15:59:32.0953 1164  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:59:32.0953 1164  RasSstp - ok
15:59:33.0000 1164  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:59:33.0000 1164  rdbss - ok
15:59:33.0015 1164  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:59:33.0015 1164  rdpbus - ok
15:59:33.0031 1164  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:59:33.0031 1164  RDPCDD - ok
15:59:33.0062 1164  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:59:33.0062 1164  RDPENCDD - ok
15:59:33.0078 1164  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:59:33.0078 1164  RDPREFMP - ok
15:59:33.0125 1164  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:59:33.0125 1164  RDPWD - ok
15:59:33.0187 1164  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:59:33.0187 1164  rdyboost - ok
15:59:33.0218 1164  [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi            C:\Windows\system32\drivers\regi.sys
15:59:33.0234 1164  regi - ok
15:59:33.0312 1164  [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:59:33.0327 1164  RegSrvc - ok
15:59:33.0359 1164  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:59:33.0359 1164  RemoteAccess - ok
15:59:33.0405 1164  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:59:33.0405 1164  RemoteRegistry - ok
15:59:33.0452 1164  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:59:33.0452 1164  RFCOMM - ok
15:59:33.0515 1164  [ 5CA4ABD888B602551B59BAA26941C167 ] rimspci         C:\Windows\system32\drivers\rimssne64.sys
15:59:33.0515 1164  rimspci - ok
15:59:33.0561 1164  [ BB6E138AEB351728959DA5E2731D8140 ] risdsnpe        C:\Windows\system32\drivers\risdsne64.sys
15:59:33.0561 1164  risdsnpe - ok
15:59:33.0608 1164  [ D151224BC11078895A60FA970728FF59 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
15:59:33.0608 1164  Roxio UPnP Renderer 10 - ok
15:59:33.0639 1164  [ 5022A927944878BD750960BD21E751AF ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
15:59:33.0639 1164  Roxio Upnp Server 10 - ok
15:59:33.0686 1164  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:59:33.0686 1164  RpcEptMapper - ok
15:59:33.0717 1164  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:59:33.0717 1164  RpcLocator - ok
15:59:33.0780 1164  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:59:33.0780 1164  RpcSs - ok
15:59:33.0827 1164  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:59:33.0827 1164  rspndr - ok
15:59:33.0936 1164  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:59:33.0936 1164  SamSs - ok
15:59:33.0983 1164  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:59:33.0983 1164  sbp2port - ok
15:59:34.0029 1164  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:59:34.0029 1164  SCardSvr - ok
15:59:34.0076 1164  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:59:34.0076 1164  scfilter - ok
15:59:34.0139 1164  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:59:34.0154 1164  Schedule - ok
15:59:34.0185 1164  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:59:34.0185 1164  SCPolicySvc - ok
15:59:34.0217 1164  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
15:59:34.0217 1164  sdbus - ok
15:59:34.0248 1164  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:59:34.0263 1164  SDRSVC - ok
15:59:34.0295 1164  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:59:34.0295 1164  secdrv - ok
15:59:34.0310 1164  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:59:34.0310 1164  seclogon - ok
15:59:34.0357 1164  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:59:34.0357 1164  SENS - ok
15:59:34.0388 1164  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:59:34.0388 1164  SensrSvc - ok
15:59:34.0419 1164  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:59:34.0419 1164  Serenum - ok
15:59:34.0466 1164  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
15:59:34.0466 1164  Serial - ok
15:59:34.0497 1164  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:59:34.0497 1164  sermouse - ok
15:59:34.0544 1164  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:59:34.0560 1164  SessionEnv - ok
15:59:34.0607 1164  [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP            C:\Windows\system32\drivers\SFEP.sys
15:59:34.0607 1164  SFEP - ok
15:59:34.0638 1164  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:59:34.0638 1164  sffdisk - ok
15:59:34.0653 1164  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:59:34.0653 1164  sffp_mmc - ok
15:59:34.0669 1164  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:59:34.0669 1164  sffp_sd - ok
15:59:34.0685 1164  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:59:34.0685 1164  sfloppy - ok
15:59:34.0731 1164  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:59:34.0731 1164  SharedAccess - ok
15:59:34.0778 1164  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:59:34.0794 1164  ShellHWDetection - ok
15:59:34.0825 1164  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:59:34.0825 1164  SiSRaid2 - ok
15:59:34.0841 1164  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:59:34.0856 1164  SiSRaid4 - ok
15:59:34.0919 1164  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:59:34.0919 1164  SkypeUpdate - ok
15:59:34.0950 1164  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:59:34.0950 1164  Smb - ok
15:59:35.0012 1164  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:59:35.0012 1164  SNMPTRAP - ok
15:59:35.0075 1164  [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:59:35.0075 1164  SOHCImp - ok
15:59:35.0090 1164  [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr        C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
15:59:35.0090 1164  SOHDBSvr - ok
15:59:35.0137 1164  [ 556681BE668D71DC162391A45422B52C ] SOHDms          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:59:35.0137 1164  SOHDms - ok
15:59:35.0153 1164  [ 72B46103E4111439109ACF5882627C24 ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:59:35.0153 1164  SOHDs - ok
15:59:35.0153 1164  [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr        C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
15:59:35.0168 1164  SOHPlMgr - ok
15:59:35.0199 1164  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:59:35.0199 1164  spldr - ok
15:59:35.0262 1164  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:59:35.0262 1164  Spooler - ok
15:59:35.0355 1164  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:59:35.0402 1164  sppsvc - ok
15:59:35.0433 1164  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:59:35.0433 1164  sppuinotify - ok
15:59:35.0480 1164  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:59:35.0480 1164  srv - ok
15:59:35.0527 1164  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:59:35.0527 1164  srv2 - ok
15:59:35.0543 1164  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:59:35.0543 1164  srvnet - ok
15:59:35.0574 1164  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:59:35.0589 1164  SSDPSRV - ok
15:59:35.0605 1164  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:59:35.0605 1164  SstpSvc - ok
15:59:35.0621 1164  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:59:35.0621 1164  stexstor - ok
15:59:35.0652 1164  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:59:35.0652 1164  StillCam - ok
15:59:35.0699 1164  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:59:35.0714 1164  stisvc - ok
15:59:35.0745 1164  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:59:35.0745 1164  swenum - ok
15:59:35.0792 1164  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:59:35.0808 1164  swprv - ok
15:59:35.0870 1164  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:59:35.0886 1164  SysMain - ok
15:59:35.0933 1164  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:59:35.0933 1164  TabletInputService - ok
15:59:35.0948 1164  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:59:35.0964 1164  TapiSrv - ok
15:59:35.0979 1164  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:59:35.0995 1164  TBS - ok
15:59:36.0073 1164  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:59:36.0089 1164  Tcpip - ok
15:59:36.0120 1164  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:59:36.0135 1164  TCPIP6 - ok
15:59:36.0182 1164  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:59:36.0182 1164  tcpipreg - ok
15:59:36.0213 1164  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:59:36.0229 1164  TDPIPE - ok
15:59:36.0276 1164  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:59:36.0276 1164  TDTCP - ok
15:59:36.0323 1164  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:59:36.0323 1164  tdx - ok
15:59:36.0338 1164  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:59:36.0338 1164  TermDD - ok
15:59:36.0401 1164  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:59:36.0401 1164  TermService - ok
15:59:36.0432 1164  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:59:36.0432 1164  Themes - ok
15:59:36.0447 1164  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:59:36.0447 1164  THREADORDER - ok
15:59:36.0463 1164  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:59:36.0479 1164  TrkWks - ok
15:59:36.0525 1164  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:59:36.0525 1164  TrustedInstaller - ok
15:59:36.0557 1164  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:59:36.0557 1164  tssecsrv - ok
15:59:36.0619 1164  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:59:36.0619 1164  TsUsbFlt - ok
15:59:36.0713 1164  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:59:36.0713 1164  tunnel - ok
15:59:36.0744 1164  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:59:36.0744 1164  uagp35 - ok
15:59:36.0791 1164  [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor     C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:59:36.0791 1164  uCamMonitor - ok
15:59:36.0853 1164  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:59:36.0853 1164  udfs - ok
15:59:36.0884 1164  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:59:36.0884 1164  UI0Detect - ok
15:59:36.0900 1164  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:59:36.0900 1164  uliagpkx - ok
15:59:36.0947 1164  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
15:59:36.0947 1164  umbus - ok
15:59:36.0978 1164  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:59:36.0978 1164  UmPass - ok
15:59:37.0009 1164  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:59:37.0009 1164  upnphost - ok
15:59:37.0025 1164  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:59:37.0025 1164  usbccgp - ok
15:59:37.0071 1164  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:59:37.0071 1164  usbcir - ok
15:59:37.0103 1164  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:59:37.0103 1164  usbehci - ok
15:59:37.0149 1164  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:59:37.0149 1164  usbhub - ok
15:59:37.0181 1164  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:59:37.0181 1164  usbohci - ok
15:59:37.0212 1164  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:59:37.0212 1164  usbprint - ok
15:59:37.0227 1164  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:59:37.0227 1164  USBSTOR - ok
15:59:37.0243 1164  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:59:37.0243 1164  usbuhci - ok
15:59:37.0305 1164  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:59:37.0305 1164  usbvideo - ok
15:59:37.0337 1164  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
15:59:37.0352 1164  UxSms - ok
15:59:37.0415 1164  [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
15:59:37.0415 1164  VAIO Entertainment TV Device Arbitration Service - ok
15:59:37.0461 1164  [ 6B31C9CB94927DBEEB62E15275F4CC54 ] VAIO Event Service C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
15:59:37.0461 1164  VAIO Event Service - ok
15:59:37.0539 1164  [ B8C9A7010AFD5CBBE194CB9EF7C4FD14 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
15:59:37.0555 1164  VAIO Power Management - ok
15:59:37.0571 1164  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:59:37.0571 1164  VaultSvc - ok
15:59:37.0617 1164  [ 6A740F5FF3246C3BE3DD317299EFC88E ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
15:59:37.0633 1164  VCFw - ok
15:59:37.0727 1164  [ 10E212BFB7EAB152A64C1AAEC2F7F4E0 ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
15:59:37.0727 1164  VcmIAlzMgr - ok
15:59:37.0773 1164  [ 9D9B34B430B4DC683112F59C80D20AB8 ] VcmINSMgr       C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
15:59:37.0773 1164  VcmINSMgr - ok
15:59:37.0836 1164  [ 8EFAACCC7BFA1E9031EFDFB01A1B0D69 ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
15:59:37.0836 1164  VcmXmlIfHelper - ok
15:59:37.0898 1164  [ D347D3ABE070AA09C22FC37121555D52 ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
15:59:37.0914 1164  VCService - ok
15:59:37.0961 1164  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:59:37.0961 1164  vdrvroot - ok
15:59:38.0023 1164  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
15:59:38.0039 1164  vds - ok
15:59:38.0054 1164  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:59:38.0070 1164  vga - ok
15:59:38.0085 1164  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:59:38.0085 1164  VgaSave - ok
15:59:38.0117 1164  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:59:38.0117 1164  vhdmp - ok
15:59:38.0132 1164  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:59:38.0148 1164  viaide - ok
15:59:38.0163 1164  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:59:38.0163 1164  volmgr - ok
15:59:38.0210 1164  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:59:38.0226 1164  volmgrx - ok
15:59:38.0241 1164  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:59:38.0241 1164  volsnap - ok
15:59:38.0288 1164  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:59:38.0288 1164  vsmraid - ok
15:59:38.0351 1164  [ 047F22BDFDAE6DF6F1E47E747A1237A2 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
15:59:38.0351 1164  VSNService - ok
15:59:38.0429 1164  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
15:59:38.0444 1164  VSS - ok
15:59:38.0553 1164  [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent         C:\Program Files\Sony\VAIO Update\VUAgent.exe
15:59:38.0569 1164  VUAgent - ok
15:59:38.0585 1164  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:59:38.0585 1164  vwifibus - ok
15:59:38.0616 1164  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:59:38.0616 1164  vwififlt - ok
15:59:38.0647 1164  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:59:38.0663 1164  vwifimp - ok
15:59:38.0678 1164  [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc        C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
15:59:38.0678 1164  VzCdbSvc - ok
15:59:38.0725 1164  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
15:59:38.0741 1164  W32Time - ok
15:59:38.0756 1164  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:59:38.0756 1164  WacomPen - ok
15:59:38.0819 1164  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:59:38.0819 1164  WANARP - ok
15:59:38.0834 1164  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:59:38.0834 1164  Wanarpv6 - ok
15:59:38.0897 1164  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:59:38.0912 1164  wbengine - ok
15:59:38.0928 1164  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:59:38.0943 1164  WbioSrvc - ok
15:59:38.0975 1164  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:59:38.0990 1164  wcncsvc - ok
15:59:39.0021 1164  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:59:39.0021 1164  WcsPlugInService - ok
15:59:39.0037 1164  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
15:59:39.0037 1164  Wd - ok
15:59:39.0099 1164  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:59:39.0099 1164  Wdf01000 - ok
15:59:39.0115 1164  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:59:39.0115 1164  WdiServiceHost - ok
15:59:39.0131 1164  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:59:39.0131 1164  WdiSystemHost - ok
15:59:39.0177 1164  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
15:59:39.0177 1164  WebClient - ok
15:59:39.0193 1164  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:59:39.0193 1164  Wecsvc - ok
15:59:39.0209 1164  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:59:39.0209 1164  wercplsupport - ok
15:59:39.0240 1164  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:59:39.0240 1164  WerSvc - ok
15:59:39.0287 1164  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:59:39.0287 1164  WfpLwf - ok
15:59:39.0302 1164  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:59:39.0302 1164  WIMMount - ok
15:59:39.0318 1164  WinDefend - ok
15:59:39.0318 1164  WinHttpAutoProxySvc - ok
15:59:39.0380 1164  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:59:39.0396 1164  Winmgmt - ok
15:59:39.0458 1164  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
15:59:39.0489 1164  WinRM - ok
15:59:39.0552 1164  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:59:39.0552 1164  WinUsb - ok
15:59:39.0583 1164  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:59:39.0599 1164  Wlansvc - ok
15:59:39.0614 1164  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:59:39.0614 1164  WmiAcpi - ok
15:59:39.0661 1164  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:59:39.0661 1164  wmiApSrv - ok
15:59:39.0692 1164  WMPNetworkSvc - ok
15:59:39.0708 1164  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:59:39.0708 1164  WPCSvc - ok
15:59:39.0755 1164  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:59:39.0770 1164  WPDBusEnum - ok
15:59:39.0801 1164  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:59:39.0801 1164  ws2ifsl - ok
         

Alt 01.02.2013, 15:11   #8
Tanija
 
Here is the rest
Code:
15:59:40.0254 1164  ================ Scan global ===============================
15:59:40.0285 1164  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:59:40.0316 1164  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:59:40.0332 1164  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:59:40.0363 1164  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:59:40.0394 1164  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:59:40.0410 1164  [Global] - ok
15:59:40.0410 1164  ================ Scan MBR ==================================
15:59:40.0425 1164  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:59:40.0628 1164  \Device\Harddisk0\DR0 - ok
15:59:40.0644 1164  ================ Scan VBR ==================================
15:59:40.0644 1164  [ B075350F0E2E906626AFA655B02DEA20 ] \Device\Harddisk0\DR0\Partition1
15:59:40.0644 1164  \Device\Harddisk0\DR0\Partition1 - ok
15:59:40.0659 1164  [ 6DFC446AC7C7BF87F4EBC2D9F954570F ] \Device\Harddisk0\DR0\Partition2
15:59:40.0659 1164  \Device\Harddisk0\DR0\Partition2 - ok
15:59:40.0659 1164  ============================================================
15:59:40.0659 1164  Scan finished
15:59:40.0659 1164  ============================================================
15:59:40.0659 4572  Detected object count: 0
15:59:40.0659 4572  Actual detected object count: 0
16:00:10.0767 6856  ============================================================
16:00:10.0767 6856  Scan started
16:00:10.0767 6856  Mode: Manual; SigCheck; TDLFS; 
16:00:10.0767 6856  ============================================================
16:00:11.0095 6856  ================ Scan system memory ========================
16:00:11.0095 6856  System memory - ok
16:00:11.0095 6856  ================ Scan services =============================
16:00:49.0003 6856  NETw5s64 - ok
16:00:49.0034 6856  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:00:49.0050 6856  nfrd960 - ok
16:00:49.0081 6856  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:00:49.0112 6856  NlaSvc - ok
16:00:49.0128 6856  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:00:49.0159 6856  Npfs - ok
16:00:49.0206 6856  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:00:49.0268 6856  nsi - ok
16:00:49.0284 6856  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:00:49.0346 6856  nsiproxy - ok
16:00:49.0456 6856  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:00:49.0487 6856  Ntfs - ok
16:00:49.0502 6856  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:00:49.0565 6856  Null - ok
16:00:49.0612 6856  [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:00:49.0643 6856  NVHDA - ok
16:00:50.0080 6856  [ CA8447574E9DAE22250C723819D3EF96 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:00:50.0298 6856  nvlddmkm - ok
16:00:50.0360 6856  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:00:50.0376 6856  nvraid - ok
16:00:50.0438 6856  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:00:50.0454 6856  nvstor - ok
16:00:50.0516 6856  [ AD1E49BCEB5D446A271C43BFA8FD71D2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:00:50.0532 6856  nvsvc - ok
16:00:50.0548 6856  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:00:50.0563 6856  nv_agp - ok
16:00:50.0594 6856  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:00:50.0641 6856  ohci1394 - ok
16:00:50.0688 6856  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:00:50.0704 6856  ose - ok
16:00:50.0906 6856  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:00:51.0031 6856  osppsvc - ok
16:00:51.0094 6856  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:00:51.0109 6856  p2pimsvc - ok
16:00:51.0187 6856  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:00:51.0203 6856  p2psvc - ok
16:00:51.0218 6856  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
16:00:51.0234 6856  Parport - ok
16:00:51.0281 6856  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:00:51.0281 6856  partmgr - ok
16:00:51.0328 6856  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:00:51.0359 6856  PcaSvc - ok
16:00:51.0437 6856  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:00:51.0452 6856  pci - ok
16:00:51.0468 6856  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:00:51.0484 6856  pciide - ok
16:00:51.0499 6856  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:00:51.0530 6856  pcmcia - ok
16:00:51.0546 6856  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:00:51.0562 6856  pcw - ok
16:00:51.0608 6856  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:00:51.0686 6856  PEAUTH - ok
16:00:51.0796 6856  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:00:51.0827 6856  PerfHost - ok
16:00:51.0952 6856  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:00:52.0014 6856  pla - ok
16:00:52.0061 6856  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:00:52.0076 6856  PlugPlay - ok
16:00:52.0186 6856  [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
16:00:52.0201 6856  PMBDeviceInfoProvider - ok
16:00:52.0232 6856  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:00:52.0264 6856  PNRPAutoReg - ok
16:00:52.0295 6856  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:00:52.0310 6856  PNRPsvc - ok
16:00:52.0342 6856  [ B8D8EC78B0F9ED8E220506181274F3D3 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
16:00:52.0357 6856  Point64 - ok
16:00:52.0404 6856  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:00:52.0466 6856  PolicyAgent - ok
16:00:52.0544 6856  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:00:52.0607 6856  Power - ok
16:00:52.0638 6856  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:00:52.0685 6856  PptpMiniport - ok
16:00:52.0716 6856  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
16:00:52.0732 6856  Processor - ok
16:00:52.0825 6856  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:00:52.0872 6856  ProfSvc - ok
16:00:52.0903 6856  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:00:52.0919 6856  ProtectedStorage - ok
16:00:52.0950 6856  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:00:53.0012 6856  Psched - ok
16:00:53.0044 6856  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:00:53.0044 6856  PSI_SVC_2 - ok
16:00:53.0075 6856  [ AED797CCA02783296C68AA10D0CFF8A9 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
16:00:53.0090 6856  PxHlpa64 - ok
16:00:53.0153 6856  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:00:53.0200 6856  ql2300 - ok
16:00:53.0246 6856  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:00:53.0262 6856  ql40xx - ok
16:00:53.0309 6856  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:00:53.0324 6856  QWAVE - ok
16:00:53.0340 6856  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:00:53.0371 6856  QWAVEdrv - ok
16:00:53.0387 6856  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:00:53.0434 6856  RasAcd - ok
16:00:53.0496 6856  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:00:53.0527 6856  RasAgileVpn - ok
16:00:53.0543 6856  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:00:53.0574 6856  RasAuto - ok
16:00:53.0636 6856  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:00:53.0714 6856  Rasl2tp - ok
16:00:53.0761 6856  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:00:53.0824 6856  RasMan - ok
16:00:53.0870 6856  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:00:53.0902 6856  RasPppoe - ok
16:00:53.0948 6856  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:00:53.0995 6856  RasSstp - ok
16:00:54.0104 6856  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:00:54.0182 6856  rdbss - ok
16:00:54.0214 6856  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:00:54.0276 6856  rdpbus - ok
16:00:54.0292 6856  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:00:54.0338 6856  RDPCDD - ok
16:00:54.0370 6856  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:00:54.0432 6856  RDPENCDD - ok
16:00:54.0448 6856  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:00:54.0494 6856  RDPREFMP - ok
16:00:54.0541 6856  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:00:54.0557 6856  RDPWD - ok
16:00:54.0588 6856  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:00:54.0619 6856  rdyboost - ok
16:00:54.0619 6856  [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi            C:\Windows\system32\drivers\regi.sys
16:00:54.0635 6856  regi - ok
16:00:54.0760 6856  [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:00:54.0791 6856  RegSrvc - ok
16:00:54.0822 6856  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:00:54.0869 6856  RemoteAccess - ok
16:00:54.0900 6856  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:00:54.0947 6856  RemoteRegistry - ok
16:00:54.0978 6856  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:00:55.0009 6856  RFCOMM - ok
16:00:55.0056 6856  [ 5CA4ABD888B602551B59BAA26941C167 ] rimspci         C:\Windows\system32\drivers\rimssne64.sys
16:00:55.0103 6856  rimspci - ok
16:00:55.0118 6856  [ BB6E138AEB351728959DA5E2731D8140 ] risdsnpe        C:\Windows\system32\drivers\risdsne64.sys
16:00:55.0134 6856  risdsnpe - ok
16:00:55.0212 6856  [ D151224BC11078895A60FA970728FF59 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
16:00:55.0228 6856  Roxio UPnP Renderer 10 - ok
16:00:55.0259 6856  [ 5022A927944878BD750960BD21E751AF ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
16:00:55.0274 6856  Roxio Upnp Server 10 - ok
16:00:55.0321 6856  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:00:55.0399 6856  RpcEptMapper - ok
16:00:55.0415 6856  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:00:55.0462 6856  RpcLocator - ok
16:00:55.0540 6856  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:00:55.0586 6856  RpcSs - ok
16:00:55.0618 6856  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:00:55.0664 6856  rspndr - ok
16:00:55.0696 6856  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
16:00:55.0711 6856  SamSs - ok
16:00:55.0758 6856  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:00:55.0774 6856  sbp2port - ok
16:00:55.0836 6856  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:00:55.0914 6856  SCardSvr - ok
16:00:55.0945 6856  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:00:56.0008 6856  scfilter - ok
16:00:56.0101 6856  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:00:56.0148 6856  Schedule - ok
16:00:56.0195 6856  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:00:56.0242 6856  SCPolicySvc - ok
16:00:56.0304 6856  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
16:00:56.0335 6856  sdbus - ok
16:00:56.0382 6856  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:00:56.0413 6856  SDRSVC - ok
16:00:56.0444 6856  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:00:56.0507 6856  secdrv - ok
16:00:56.0554 6856  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:00:56.0632 6856  seclogon - ok
16:00:56.0663 6856  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
16:00:56.0710 6856  SENS - ok
16:00:56.0725 6856  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:00:56.0741 6856  SensrSvc - ok
16:00:56.0756 6856  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:00:56.0803 6856  Serenum - ok
16:00:56.0834 6856  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
16:00:56.0866 6856  Serial - ok
16:00:56.0912 6856  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:00:56.0944 6856  sermouse - ok
16:00:56.0990 6856  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:00:57.0053 6856  SessionEnv - ok
16:00:57.0084 6856  [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP            C:\Windows\system32\drivers\SFEP.sys
16:00:57.0131 6856  SFEP - ok
16:00:57.0178 6856  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:00:57.0209 6856  sffdisk - ok
16:00:57.0224 6856  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:00:57.0256 6856  sffp_mmc - ok
16:00:57.0271 6856  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:00:57.0302 6856  sffp_sd - ok
16:00:57.0349 6856  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:00:57.0365 6856  sfloppy - ok
16:00:57.0412 6856  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:00:57.0490 6856  SharedAccess - ok
16:00:57.0568 6856  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:00:57.0614 6856  ShellHWDetection - ok
16:00:57.0630 6856  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:00:57.0646 6856  SiSRaid2 - ok
16:00:57.0661 6856  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:00:57.0677 6856  SiSRaid4 - ok
16:00:57.0755 6856  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:00:57.0770 6856  SkypeUpdate - ok
16:00:57.0817 6856  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:00:57.0880 6856  Smb - ok
16:00:57.0911 6856  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:00:57.0958 6856  SNMPTRAP - ok
16:00:58.0036 6856  [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
16:00:58.0051 6856  SOHCImp - ok
16:00:58.0067 6856  [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr        C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
16:00:58.0067 6856  SOHDBSvr - ok
16:00:58.0114 6856  [ 556681BE668D71DC162391A45422B52C ] SOHDms          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
16:00:58.0129 6856  SOHDms - ok
16:00:58.0145 6856  [ 72B46103E4111439109ACF5882627C24 ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
16:00:58.0145 6856  SOHDs - ok
16:00:58.0160 6856  [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr        C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
16:00:58.0176 6856  SOHPlMgr - ok
16:00:58.0207 6856  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:00:58.0223 6856  spldr - ok
16:00:58.0301 6856  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
16:00:58.0316 6856  Spooler - ok
16:00:58.0488 6856  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:00:58.0613 6856  sppsvc - ok
16:00:58.0644 6856  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:00:58.0706 6856  sppuinotify - ok
16:00:58.0753 6856  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:00:58.0816 6856  srv - ok
16:00:58.0847 6856  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:00:58.0878 6856  srv2 - ok
16:00:58.0909 6856  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:00:58.0925 6856  srvnet - ok
16:00:58.0987 6856  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:00:59.0065 6856  SSDPSRV - ok
16:00:59.0081 6856  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:00:59.0128 6856  SstpSvc - ok
16:00:59.0143 6856  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:00:59.0159 6856  stexstor - ok
16:00:59.0190 6856  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
16:00:59.0221 6856  StillCam - ok
16:00:59.0284 6856  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:00:59.0346 6856  stisvc - ok
16:00:59.0377 6856  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:00:59.0377 6856  swenum - ok
16:00:59.0455 6856  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:00:59.0533 6856  swprv - ok
16:00:59.0611 6856  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:00:59.0674 6856  SysMain - ok
16:00:59.0736 6856  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:00:59.0767 6856  TabletInputService - ok
16:00:59.0798 6856  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:00:59.0845 6856  TapiSrv - ok
16:00:59.0892 6856  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:00:59.0954 6856  TBS - ok
16:01:00.0032 6856  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:01:00.0095 6856  Tcpip - ok
16:01:00.0110 6856  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:01:00.0173 6856  TCPIP6 - ok
16:01:00.0220 6856  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:01:00.0235 6856  tcpipreg - ok
16:01:00.0266 6856  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:01:00.0282 6856  TDPIPE - ok
16:01:00.0344 6856  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:01:00.0360 6856  TDTCP - ok
16:01:00.0407 6856  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:01:00.0469 6856  tdx - ok
16:01:00.0485 6856  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:01:00.0500 6856  TermDD - ok
16:01:00.0578 6856  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:01:00.0641 6856  TermService - ok
16:01:00.0672 6856  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:01:00.0719 6856  Themes - ok
16:01:00.0750 6856  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:01:00.0797 6856  THREADORDER - ok
16:01:00.0828 6856  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:01:00.0890 6856  TrkWks - ok
16:01:00.0953 6856  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:01:01.0000 6856  TrustedInstaller - ok
16:01:01.0046 6856  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:01:01.0093 6856  tssecsrv - ok
16:01:01.0156 6856  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:01:01.0171 6856  TsUsbFlt - ok
16:01:01.0218 6856  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:01:01.0280 6856  tunnel - ok
16:01:01.0327 6856  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:01:01.0327 6856  uagp35 - ok
16:01:01.0390 6856  [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor     C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
16:01:01.0390 6856  uCamMonitor - ok
16:01:01.0452 6856  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:01:01.0514 6856  udfs - ok
16:01:01.0561 6856  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:01:01.0577 6856  UI0Detect - ok
16:01:01.0592 6856  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:01:01.0608 6856  uliagpkx - ok
16:01:01.0639 6856  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
16:01:01.0670 6856  umbus - ok
16:01:01.0686 6856  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:01:01.0702 6856  UmPass - ok
16:01:01.0733 6856  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:01:01.0795 6856  upnphost - ok
16:01:01.0811 6856  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:01:01.0842 6856  usbccgp - ok
16:01:01.0873 6856  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:01:01.0889 6856  usbcir - ok
16:01:01.0936 6856  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:01:01.0967 6856  usbehci - ok
16:01:01.0998 6856  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:01:02.0029 6856  usbhub - ok
16:01:02.0060 6856  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:01:02.0076 6856  usbohci - ok
16:01:02.0107 6856  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:01:02.0138 6856  usbprint - ok
16:01:02.0154 6856  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:01:02.0170 6856  USBSTOR - ok
16:01:02.0185 6856  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:01:02.0216 6856  usbuhci - ok
16:01:02.0279 6856  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:01:02.0294 6856  usbvideo - ok
16:01:02.0341 6856  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:01:02.0404 6856  UxSms - ok
16:01:02.0497 6856  [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
16:01:02.0513 6856  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
16:01:02.0513 6856  VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
16:01:02.0560 6856  [ 6B31C9CB94927DBEEB62E15275F4CC54 ] VAIO Event Service C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
16:01:02.0575 6856  VAIO Event Service - ok
16:01:02.0731 6856  [ B8C9A7010AFD5CBBE194CB9EF7C4FD14 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
16:01:02.0747 6856  VAIO Power Management - ok
16:01:02.0778 6856  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
16:01:02.0794 6856  VaultSvc - ok
16:01:02.0903 6856  [ 6A740F5FF3246C3BE3DD317299EFC88E ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
16:01:02.0918 6856  VCFw - ok
16:01:02.0996 6856  [ 10E212BFB7EAB152A64C1AAEC2F7F4E0 ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
16:01:03.0012 6856  VcmIAlzMgr - ok
16:01:03.0090 6856  [ 9D9B34B430B4DC683112F59C80D20AB8 ] VcmINSMgr       C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
16:01:03.0106 6856  VcmINSMgr - ok
16:01:03.0184 6856  [ 8EFAACCC7BFA1E9031EFDFB01A1B0D69 ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
16:01:03.0199 6856  VcmXmlIfHelper - ok
16:01:03.0230 6856  [ D347D3ABE070AA09C22FC37121555D52 ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
16:01:03.0246 6856  VCService - ok
16:01:03.0308 6856  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:01:03.0324 6856  vdrvroot - ok
16:01:03.0402 6856  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:01:03.0464 6856  vds - ok
16:01:03.0511 6856  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:01:03.0542 6856  vga - ok
16:01:03.0558 6856  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:01:03.0605 6856  VgaSave - ok
16:01:03.0667 6856  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:01:03.0683 6856  vhdmp - ok
16:01:03.0745 6856  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:01:03.0745 6856  viaide - ok
16:01:03.0776 6856  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:01:03.0792 6856  volmgr - ok
16:01:03.0870 6856  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:01:03.0886 6856  volmgrx - ok
16:01:03.0979 6856  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:01:03.0995 6856  volsnap - ok
16:01:04.0010 6856  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:01:04.0026 6856  vsmraid - ok
16:01:04.0088 6856  [ 047F22BDFDAE6DF6F1E47E747A1237A2 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
16:01:04.0120 6856  VSNService ( UnsignedFile.Multi.Generic ) - warning
16:01:04.0120 6856  VSNService - detected UnsignedFile.Multi.Generic (1)
16:01:04.0182 6856  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:01:04.0260 6856  VSS - ok
16:01:04.0369 6856  [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent         C:\Program Files\Sony\VAIO Update\VUAgent.exe
16:01:04.0416 6856  VUAgent - ok
16:01:04.0432 6856  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:01:04.0463 6856  vwifibus - ok
16:01:04.0478 6856  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:01:04.0510 6856  vwififlt - ok
16:01:04.0525 6856  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:01:04.0556 6856  vwifimp - ok
16:01:04.0588 6856  [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc        C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
16:01:04.0588 6856  VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
16:01:04.0588 6856  VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
16:01:04.0634 6856  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:01:04.0681 6856  W32Time - ok
16:01:04.0712 6856  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:01:04.0744 6856  WacomPen - ok
16:01:04.0790 6856  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:01:04.0853 6856  WANARP - ok
16:01:04.0853 6856  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:01:04.0915 6856  Wanarpv6 - ok
16:01:04.0978 6856  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:01:05.0009 6856  wbengine - ok
16:01:05.0056 6856  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:01:05.0071 6856  WbioSrvc - ok
16:01:05.0149 6856  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:01:05.0180 6856  wcncsvc - ok
16:01:05.0196 6856  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:01:05.0212 6856  WcsPlugInService - ok
16:01:05.0243 6856  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
16:01:05.0258 6856  Wd - ok
16:01:05.0321 6856  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:01:05.0336 6856  Wdf01000 - ok
16:01:05.0368 6856  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:01:05.0399 6856  WdiServiceHost - ok
16:01:05.0399 6856  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:01:05.0414 6856  WdiSystemHost - ok
16:01:05.0508 6856  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
16:01:05.0555 6856  WebClient - ok
16:01:05.0586 6856  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:01:05.0664 6856  Wecsvc - ok
16:01:05.0680 6856  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:01:05.0758 6856  wercplsupport - ok
16:01:05.0789 6856  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:01:05.0867 6856  WerSvc - ok
16:01:05.0914 6856  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:01:05.0960 6856  WfpLwf - ok
16:01:05.0976 6856  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:01:05.0992 6856  WIMMount - ok
16:01:06.0023 6856  WinDefend - ok
16:01:06.0038 6856  WinHttpAutoProxySvc - ok
16:01:06.0132 6856  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:01:06.0194 6856  Winmgmt - ok
16:01:06.0319 6856  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:01:06.0413 6856  WinRM - ok
16:01:06.0444 6856  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:01:06.0491 6856  WinUsb - ok
16:01:06.0569 6856  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:01:06.0616 6856  Wlansvc - ok
16:01:06.0647 6856  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:01:06.0678 6856  WmiAcpi - ok
16:01:06.0709 6856  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:01:06.0740 6856  wmiApSrv - ok
16:01:06.0756 6856  WMPNetworkSvc - ok
16:01:06.0772 6856  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:01:06.0787 6856  WPCSvc - ok
16:01:06.0834 6856  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:01:06.0850 6856  WPDBusEnum - ok
16:01:06.0881 6856  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:01:06.0959 6856  ws2ifsl - ok
16:01:06.0990 6856  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
16:01:07.0021 6856  wscsvc - ok
16:01:07.0037 6856  WSearch - ok
16:01:07.0240 6856  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:01:07.0286 6856  wuauserv - ok
16:01:07.0333 6856  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:01:07.0364 6856  WudfPf - ok
16:01:07.0380 6856  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:01:07.0427 6856  WUDFRd - ok
16:01:07.0474 6856  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:01:07.0489 6856  wudfsvc - ok
16:01:07.0552 6856  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:01:07.0598 6856  WwanSvc - ok
16:01:07.0692 6856  [ 6AFFD75C6807B3DD3AB018E27B88EF95 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
16:01:07.0739 6856  yukonw7 - ok
16:01:07.0754 6856  ================ Scan global ===============================
16:01:07.0786 6856  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:01:07.0848 6856  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:01:07.0848 6856  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:01:07.0879 6856  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:01:07.0926 6856  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:01:07.0926 6856  [Global] - ok
16:01:07.0926 6856  ================ Scan MBR ==================================
16:01:07.0942 6856  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:01:08.0285 6856  \Device\Harddisk0\DR0 - ok
16:01:08.0285 6856  ================ Scan VBR ==================================
16:01:08.0285 6856  [ B075350F0E2E906626AFA655B02DEA20 ] \Device\Harddisk0\DR0\Partition1
16:01:08.0285 6856  \Device\Harddisk0\DR0\Partition1 - ok
16:01:08.0316 6856  [ 6DFC446AC7C7BF87F4EBC2D9F954570F ] \Device\Harddisk0\DR0\Partition2
16:01:08.0316 6856  \Device\Harddisk0\DR0\Partition2 - ok
16:01:08.0316 6856  ============================================================
16:01:08.0316 6856  Scan finished
16:01:08.0316 6856  ============================================================
16:01:08.0332 5828  Detected object count: 3
16:01:08.0332 5828  Actual detected object count: 3
16:01:53.0369 5828  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:01:53.0369 5828  VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:01:53.0369 5828  VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
16:01:53.0369 5828  VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:01:53.0369 5828  VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:01:53.0369 5828  VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

01.02.2013, 15:20   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Please download aswMBR.exe and save the file to your desktop.

Note: Please turn off your virus scanner before you run aswMBR, because Avira in particular often reports a false alarm in it!
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click, "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.
Important: Do not press any of the Fix buttons under any circumstances without instructions.
Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.

One more note: If aswMBR crashes and a message like "aswMBR.exe funktioniert nicht mehr" ("aswMBR.exe has stopped working") appears, do the following:
Restart aswMBR, select (none) under "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

01.02.2013, 15:47   #10
Tanija



Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-01 16:45:24
-----------------------------
16:45:24.328    OS Version: Windows x64 6.1.7601 Service Pack 1
16:45:24.328    Number of processors: 4 586 0x2502
16:45:24.328    ComputerName: TANJA-VAIO  UserName: Tanja
16:45:25.966    Initialize success
16:45:34.078    AVAST engine defs: 13020100
16:45:41.473    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:45:41.473    Disk 0 Vendor: SAMSUNG_ 2AC1 Size: 476940MB BusType: 3
16:45:41.473    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000067
16:45:41.473    Disk 1 Vendor: RICOH 02 Size: 476940MB BusType: 0
16:45:41.473    Disk 2  \Device\Harddisk2\DR2 -> \Device\00000068
16:45:41.473    Disk 2 Vendor: RICOH 02 Size: 476940MB BusType: 0
16:45:41.520    Disk 0 MBR read successfully
16:45:41.520    Disk 0 MBR scan
16:45:41.520    Disk 0 Windows 7 default MBR code
16:45:41.551    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        10939 MB offset 2048
16:45:41.582    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 22405120
16:45:41.598    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       465899 MB offset 22609920
16:45:41.629    Disk 0 scanning C:\Windows\system32\drivers
16:45:57.057    Service scanning
16:46:26.214    Modules scanning
16:46:26.214    Disk 0 trace - called modules:
16:46:26.245    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
16:46:26.245    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006e20060]
16:46:26.245    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8005212340]
16:46:26.261    5 ACPI.sys[fffff88000f837a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006025050]
16:46:26.261    Scan finished successfully
16:46:41.049    Disk 0 MBR has been saved successfully to "C:\Users\Tanja\Desktop\MBR.dat"
16:46:41.049    The log file has been saved successfully to "C:\Users\Tanja\Desktop\aswMBR.txt"
         

01.02.2013, 15:48   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options (Optionen) and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any notices that appear with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).


After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, tick Scan All Users
  • At the top you will find a box labeled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.

01.02.2013, 17:38   #12
Tanija



Code:
# AdwCleaner v2.109 - Datei am 01/02/2013 um 18:00:16 erstellt
# Aktualisiert am 26/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Tanja - TANJA-VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tanja\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\ProgramData\Partner

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0.1 (de)

Datei : C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\6j3uywea.default\prefs.js

C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\6j3uywea.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1107 octets] - [01/02/2013 18:00:16]

########## EOF - C:\AdwCleaner[S1].txt - [1167 octets] ##########
         
Code:
OTL Extras logfile created on: 01.02.2013 18:15:01 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tanja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,98 Gb Total Physical Memory | 4,23 Gb Available Physical Memory | 70,76% Memory free
11,96 Gb Paging File | 10,20 Gb Available in Paging File | 85,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,98 Gb Total Space | 231,71 Gb Free Space | 50,93% Space Free | Partition Type: NTFS
 
Computer Name: TANJA-VAIO | User Name: Tanja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10B442BD-DFB5-4E86-90E0-CFC90BC59E05}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{110645FA-BB19-46CF-B7A2-8E76DDB1CF21}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{21D03D28-EF68-4C13-AF4E-3CE0CAFA7D95}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{35F51B6B-CDCB-4D72-9260-E3826BFE3E16}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{37BE7AD7-3C1D-47C2-859D-F81BA53FDD0E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{516FCAD6-851D-433F-A983-8BBC3F689FC8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{5393DC26-67E3-44ED-90DE-BED9579C6F43}" = lport=445 | protocol=6 | dir=in | app=system | 
"{57CB749C-D1C9-455E-A2EF-8D383ACBFA2D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{64A3E7FF-AB44-4A6C-AF59-51AD7E9F0D07}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{66D3BED6-D9F6-4D90-89D7-0E12F5AA90E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{6E21C973-F5DB-4E1C-8978-FE6ECDBB83B0}" = rport=139 | protocol=6 | dir=out | app=system | 
"{705BD42A-28C8-405A-99EB-4010E091D7D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7FD074BB-1DEC-4BA0-A01A-AE3594476FBD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{8792BBE2-0F3C-4F06-A2C0-C08761A072D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A782875F-F385-4C91-98C9-1071FAF5306B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AA5344F8-ACA1-48EE-88F0-0B62C5B42B42}" = rport=138 | protocol=17 | dir=out | app=system | 
"{AD05BCE5-1478-451B-9A2F-8C6597DB278B}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B5272B77-9C94-4DCE-8A7C-5C5438DAC172}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C2BC52AF-0E86-4C60-8C0F-EA6E73A2D8A4}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C2EDCCCF-BA4A-434C-B0C0-0858DBD773E8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D3282030-F4D6-4EF7-BEA0-790885C55F04}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DA7059A6-C12F-4933-BE23-9612DD136CC1}" = lport=137 | protocol=17 | dir=in | app=system | 
"{DB4DF86F-03AD-4BD4-81D8-774BFEA7555E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{FE942CA7-A3FA-4350-95A6-7338163E41AC}" = rport=10243 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{158EA3F7-DDD6-4FAD-BBD8-5185250DDD08}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{18A0B89B-C0D0-4EA7-AE8C-86260A92AD4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{18CAA21B-4C93-4AAC-98EF-11D80E91A59E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{240EAEB4-9657-4719-8005-776FCD37FD69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2DB0E936-E6FE-4609-B6E8-2566FEA183FB}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe | 
"{3D65CA5B-1479-4BF7-8DE0-646294859A6A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{41CC3F14-262B-4484-BF28-C596DF83A90C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{42CE20A8-9C18-4739-8A50-2DD1B059E46F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{51FFC3B5-0A27-4B90-93E0-E3D136E793D7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{5ACAE82E-8775-409E-8A67-12C96E66304D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{75C739D6-36AD-4310-B21A-D2ECEDA39B38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7FDD127F-7E9F-4A9C-B724-E02A6C7742C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{88CD3C6D-16EC-4165-9F1C-F20CA06BA962}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{8B83A074-395D-4083-B12B-AD01CC148589}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{93078FBE-F6BD-4904-A012-DCBF649FF957}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{94174445-0B46-4AA2-A3C6-551545ACA17C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9848A389-B4FB-44E2-B43D-31175CA26D9F}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe | 
"{A62F404F-835B-47DB-A5DC-F281B828099F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{A65C2F8B-3A9D-4532-8EED-CFE8434DF34D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A7BC2CBC-BD4C-47BC-93D3-D229021EB9CD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{A80C787D-7903-4511-A2DD-2F0A0281AFB3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{B6C31C9C-027A-419E-A277-038F8DE0B8A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BD07967F-E6F2-4866-B51D-F9C6C66B1BF4}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe | 
"{C9B9BCDA-E0B2-41C9-9BA0-A8F829550C97}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{EDEA445E-EE0A-4CBD-9448-F8BC2FB858A0}" = protocol=6 | dir=out | app=system | 
"{F6329B86-F4A0-4ECE-BBFB-66D07D24A187}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{52762EA3-8084-4354-BD62-309285570374}C:\program files (x86)\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"TCP Query User{A0979C04-FDB8-468D-8BA5-6BF363EC93DA}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{CD410506-F9C7-4149-BDB1-0DD1B6921569}C:\program files (x86)\aom software\voris\fb\bin\fbserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aom software\voris\fb\bin\fbserver.exe | 
"UDP Query User{1689C937-5DEF-4054-ADFB-6F5B1A0C3241}C:\program files (x86)\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"UDP Query User{76A96D1E-8993-41C7-951A-1932A99B8800}C:\program files (x86)\aom software\voris\fb\bin\fbserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aom software\voris\fb\bin\fbserver.exe | 
"UDP Query User{B4528A71-79F3-4EA7-A003-B5CE778750AD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series" = Canon MP980 series MP Drivers
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007C5268-FB1C-49B9-A5E7-37D66DE46B9C}" = Online Plug-in
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{2DE9C112-2482-4D27-AA90-1504DFD9F117}" = Citrix Authentication Manager
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{3ECA0079-088F-4E69-B66A-65D5E687B092}" = KOBIL Chipkartenterminal Treiber V2.2.11s  Build: 20100615.1
"{43EF7CA8-0439-4677-BE6B-749B4562BBB6}" = KOBIL drivers x64x86 installation
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}" = VAIO Window Organizer
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EC50898-E24A-4C0C-A1F2-A71A8DBF291F}" = Citrix Receiver Inside
"{8FA63AA5-7138-4B6F-8404-F18835E2B8F4}" = Media Gallery
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0791198-3F0C-4FB4-870C-5734C4CB5F16}" = Citrix Receiver (USB)
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8517496-CC0A-4539-A8D1-71A14A3FDF87}_is1" = VORIS 2011
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.3 - Deutsch
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B48A3CE4-2F1E-45EF-841A-C0A3C407EB0F}" = Self-Service Plug-in
"{B4D8A5FE-83C9-44AB-88C7-9AB30EFE482A}" = Citrix Receiver(Aero)
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C7C7FA4B-40FF-4B4E-A566-1ABF8FAC38BB}" = Citrix Receiver (HDX Flash-Umleitung)
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D777101F-1708-46ED-916E-3BE885F78F55}" = Citrix Receiver (DV)
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon MP980 series Benutzerregistrierung" = Canon MP980 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"Google Chrome" = Google Chrome
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"MarketingTools" = VAIO Marketing Tools
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Professional 2010
"Smart card bundle_is1" = Smart card bundle 0.10
"VAIO Help and Support" = 
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 30.01.2013 18:29:02 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 31.01.2013 13:18:06 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
 (Fehlercode = 0x80042000)
 
Error - 31.01.2013 13:18:06 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 01.02.2013 07:53:21 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
 (Fehlercode = 0x80042000)
 
Error - 01.02.2013 07:53:22 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 01.02.2013 08:48:09 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 01.02.2013 08:48:09 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 01.02.2013 08:48:09 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 01.02.2013 08:48:09 | Computer Name = Tanja-VAIO | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 01.02.2013 11:45:11 | Computer Name = Tanja-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: aswMBR.exe, Version: 0.9.9.1707, 
Zeitstempel: 0x509be8bf  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002e3be  ID des fehlerhaften
 Prozesses: 0x1448  Startzeit der fehlerhaften Anwendung: 0x01ce0091cfa7b5a2  Pfad der
 fehlerhaften Anwendung: C:\Users\Tanja\Desktop\aswMBR.exe  Pfad des fehlerhaften 
Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 5c12ad6c-6c86-11e2-b76a-54424911efca
 
Error - 01.02.2013 13:02:30 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})
 (Fehlercode = 0x80042000)
 
Error - 01.02.2013 13:02:30 | Computer Name = Tanja-VAIO | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
[ System Events ]
Error - 01.02.2013 08:00:40 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.
 
Error - 01.02.2013 08:04:17 | Computer Name = Tanja-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 01.02.2013 08:04:29 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
Error - 01.02.2013 11:05:54 | Computer Name = Tanja-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 01.02.2013 13:02:26 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Roxio Upnp Server 10 erreicht.
 
Error - 01.02.2013 13:05:24 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Media plus Digital Media Server" wurde nicht richtig
 gestartet.
 
Error - 01.02.2013 13:09:03 | Computer Name = Tanja-VAIO | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 01.02.2013 13:11:10 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.
 
Error - 01.02.2013 13:14:29 | Computer Name = Tanja-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 01.02.2013 13:14:29 | Computer Name = Tanja-VAIO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
 
< End of report >
         
Code:
OTL logfile created on: 01.02.2013 18:15:01 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tanja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,98 Gb Total Physical Memory | 4,23 Gb Available Physical Memory | 70,76% Memory free
11,96 Gb Paging File | 10,20 Gb Available in Paging File | 85,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454,98 Gb Total Space | 231,71 Gb Free Space | 50,93% Space Free | Partition Type: NTFS
 
Computer Name: TANJA-VAIO | User Name: Tanja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Tanja\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\SONY\Media Gallery\ElbServer.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Personalization Manager\VpmLM.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Programme\Sony\VAIO Personalization Manager\sqlite3.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (KOBCCEX) -- C:\Windows\SysNative\drivers\KOBCCEX.sys (KOBIL Systems GmbH)
DRV:64bit: - (KOBCCID) -- C:\Windows\SysNative\drivers\KOBCCID.sys (KOBIL Systems GmbH)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\SysWOW64\drivers\regi.sys (InterVideo)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes,DefaultScope = {4E74D889-955C-4EB7-A6C3-71D144E1F2C1}
IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes\{4E74D889-955C-4EB7-A6C3-71D144E1F2C1}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC
IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes\{5AFF30F8-EBA6-47A0-8188-29499155AF38}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes\{6F18D802-A1E3-49EB-AA92-94EF5DAE0B42}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\..\SearchScopes\{F2BB138A-F4F7-45C1-A738-BF19D35757FD}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKU\S-1-5-21-724336481-3898033179-696243705-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://flexnow3.uni-giessen.de/flexnow/index.html"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.7\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.05 17:54:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.30 22:07:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.05 17:54:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.30 22:07:28 | 000,000,000 | ---D | M]
 
[2010.10.07 09:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanja\AppData\Roaming\mozilla\Extensions
[2012.11.19 18:39:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tanja\AppData\Roaming\mozilla\Firefox\Profiles\6j3uywea.default\extensions
[2012.09.04 14:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.20 16:07:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.04 14:12:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.11.05 17:54:53 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.05 17:54:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.05 17:54:49 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.05 17:54:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.05 17:54:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.05 17:54:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.05 17:54:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CtxIEInterceptorBHO Class) - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll (Citrix Systems, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-724336481-3898033179-696243705-1000..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8ABCCEA5-814C-4A5F-9BAB-937AF458DA1D}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB8C9484-BDD0-485F-9085-847F9BF303D0}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.01 16:33:59 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Tanja\Desktop\aswMBR.exe
[2013.02.01 15:57:12 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tanja\Desktop\tdsskiller.exe
[2013.02.01 13:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.01 13:16:13 | 000,000,000 | ---D | C] -- C:\Users\Tanja\Desktop\mbar-1.01.0.1017
[2013.01.30 22:11:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tanja\Desktop\OTL.exe
[2013.01.09 11:46:35 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 11:46:35 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 11:46:15 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 11:46:14 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 11:46:13 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 11:46:13 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 11:46:13 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 11:46:13 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 11:46:13 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 11:46:13 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 11:46:13 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 11:46:13 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 11:46:13 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 11:46:13 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 11:46:13 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 11:46:13 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 11:46:13 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 11:46:13 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 11:46:13 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 11:46:13 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 11:46:13 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 11:46:13 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 11:46:12 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 11:46:12 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 11:46:12 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 11:46:12 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 11:46:12 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 11:46:12 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 11:46:12 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 11:46:12 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 11:46:12 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 11:46:12 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 11:46:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 11:46:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 11:46:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 11:46:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.09 11:45:52 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 11:45:52 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 11:45:51 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 11:45:51 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 11:45:51 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 11:45:51 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.09 11:45:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 11:45:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.09 11:45:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 11:45:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 11:45:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 11:45:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 11:45:51 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.09 11:45:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 11:45:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 11:45:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 11:45:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 11:45:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 11:45:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 11:45:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 11:45:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.09 11:45:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.09 11:45:50 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 11:45:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 11:45:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 11:45:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 11:45:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 11:45:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 11:45:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 11:45:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 11:45:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 11:45:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 11:45:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 11:45:31 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.01 18:21:54 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.01 18:21:54 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.01 18:02:25 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.01 18:02:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.01 18:02:09 | 522,784,767 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.01 17:58:42 | 000,580,235 | ---- | M] () -- C:\Users\Tanja\Desktop\adwcleaner.exe
[2013.02.01 17:55:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.01 16:46:41 | 000,000,512 | ---- | M] () -- C:\Users\Tanja\Desktop\MBR.dat
[2013.02.01 16:34:01 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Tanja\Desktop\aswMBR.exe
[2013.02.01 15:57:26 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tanja\Desktop\tdsskiller.exe
[2013.01.30 22:27:05 | 000,365,568 | ---- | M] () -- C:\Users\Tanja\Desktop\gmer_2.0.18454.exe
[2013.01.30 22:11:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tanja\Desktop\OTL.exe
[2013.01.30 22:10:31 | 000,000,000 | ---- | M] () -- C:\Users\Tanja\defogger_reenable
[2013.01.30 22:07:28 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.01.29 10:28:24 | 000,050,477 | ---- | M] () -- C:\Users\Tanja\Desktop\Defogger.exe
[2013.01.21 12:21:24 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.21 12:21:24 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.21 12:21:24 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.21 12:21:24 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.21 12:21:24 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.18 18:32:57 | 000,400,350 | ---- | M] () -- C:\test.xml
[2013.01.12 17:03:10 | 000,462,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.09 17:07:25 | 005,379,340 | ---- | M] () -- C:\Users\Tanja\Desktop\A.P.EX_._ProAuPair_Auslandshandbuch2012Small[1].pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.01 17:58:35 | 000,580,235 | ---- | C] () -- C:\Users\Tanja\Desktop\adwcleaner.exe
[2013.02.01 16:46:41 | 000,000,512 | ---- | C] () -- C:\Users\Tanja\Desktop\MBR.dat
[2013.01.30 22:27:02 | 000,365,568 | ---- | C] () -- C:\Users\Tanja\Desktop\gmer_2.0.18454.exe
[2013.01.30 22:10:31 | 000,000,000 | ---- | C] () -- C:\Users\Tanja\defogger_reenable
[2013.01.29 10:28:20 | 000,050,477 | ---- | C] () -- C:\Users\Tanja\Desktop\Defogger.exe
[2013.01.25 17:41:22 | 000,001,141 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2013.01.09 17:07:25 | 005,379,340 | ---- | C] () -- C:\Users\Tanja\Desktop\A.P.EX_._ProAuPair_Auslandshandbuch2012Small[1].pdf
[2012.08.06 18:54:50 | 000,000,523 | ---- | C] () -- C:\Windows\eReg.dat
[2011.12.19 07:38:25 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2011.06.03 10:54:37 | 000,000,355 | ---- | C] () -- C:\Users\Tanja\Netzwerk - Verknüpfung.lnk
[2011.02.06 13:14:15 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.09.07 20:26:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         

Alt 01.02.2013, 17:47   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes. Before you do, please remember to update Malwarebytes via the update button.

Getting a second opinion from ESET's online scanner afterwards doesn't hurt either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

01.02.2013, 19:48   #14
Tanija

Code:
ATTFilter
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.01.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Tanja :: TANJA-VAIO [Administrator]

01.02.2013 19:07:18
mbam-log-2013-02-01 (19-07-18).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 215920
Laufzeit: 2 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=90ae6430137fc046bc671a3b5a608e57
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-01 07:44:20
# local_time=2013-02-01 08:44:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 97 12079 225171150 4843 0
# compatibility_mode=5893 16776573 100 94 13357 111377710 0 0
# scanned=220018
# found=0
# cleaned=0
# scan_time=5000
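
A check a reviewer could run over the ESET log in post #14 before reading found=0 as a clean result (added example, not part of the thread and not ESET's own tooling). It assumes that unwanted_checked is the log field for the "potentially unwanted applications" option that post #13 asks to enable; parse_eset_log and review are hypothetical helper names.

```python
import re

# Excerpt of the ESET log posted above (settings and result lines only).
ESET_LOG = """\
# version=8
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# compatibility_mode=1799 16775165 100 97 12079 225171150 4843 0
# compatibility_mode=5893 16776573 100 94 13357 111377710 0 0
# scanned=220018
# found=0
# cleaned=0
"""

FIELD = re.compile(r"^#\s*(\w+)=(.*)$")

def parse_eset_log(text):
    """Return {key: [values]} for '# key=value' lines; keys may repeat."""
    fields = {}
    for raw in text.splitlines():
        m = FIELD.match(raw.strip())
        if m:
            fields.setdefault(m.group(1), []).append(m.group(2).strip())
    return fields

def review(fields, expected_on=("unwanted_checked",)):
    """List reasons why the counters alone do not yet mean 'clean'."""
    def last(key):
        return fields.get(key, [""])[-1]
    notes = []
    if last("end") != "finished":
        notes.append("scan did not finish (end=%r)" % last("end"))
    for opt in expected_on:  # assumption: options the helper's steps asked to enable
        if last(opt) != "true":
            notes.append("%s=%s, expected true" % (opt, last(opt) or "missing"))
    try:
        found, cleaned = int(last("found")), int(last("cleaned"))
    except ValueError:
        return notes + ["found/cleaned counters missing or not numeric"]
    if found > cleaned:
        notes.append("%d detection(s) left uncleaned" % (found - cleaned))
    return notes

if __name__ == "__main__":
    for note in review(parse_eset_log(ESET_LOG)):
        print("CHECK:", note)
```

On the posted log, the only note returned is that unwanted_checked is false.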
         

02.02.2013, 14:36   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK so far

Regarding cookies and other things on the web: to block the pests from the outset (i.e. tracking cookies, ad banners etc.), you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released.

Info: Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie)

Otherwise there are also good cookie managers; among the extensions for Firefox, for example, there is CookieCuller.
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, eBay, GMX, or Trojaner-Board), then simply set the browser to delete everything, including cookies, when the browser is closed.

Is your system OK again now, or are there any other detections or problems?
