Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trojaner - es ist einfach nur langsam!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.02.2013, 22:37   #1
trampeltier
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



Servus und hallo!

Mein Netbook war von einem Trojaner befallen und hat so und so ein paar Macken gehabt und so entschied ich mich das ganze noch einmal neu aufzusetzen, damit mal wieder etwas Fahrt in die ganze Sache kommt.
Das Problem ist nur, dass das drecks Gerät immernoch super langsam ist und Anti-Vir schon wieder ausgeschlagen hat, dass ein Trojaner an Bord sei. Leider habe ich diesen einfach nur gelöscht ohne mir einen Kopf zu machen.

Bin nun mit Oldtimer einmal über mein System gegangen und habe hier die beiden Datein:

OTl.txtOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 19.02.2013 23:10:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mirko\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 77,25% Memory free
6,99 Gb Paging File | 5,80 Gb Available in Paging File | 82,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 453,50 Gb Total Space | 407,52 Gb Free Space | 89,86% Space Free | Partition Type: NTFS
 
Computer Name: MIRKO-VAIO | User Name: Mirko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.19 23:09:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mirko\Desktop\OTL.exe
PRC - [2013.02.19 23:07:09 | 000,050,477 | ---- | M] () -- C:\Users\Mirko\Desktop\Defogger.exe
PRC - [2013.02.13 09:47:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.13 09:46:30 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.02.13 09:46:25 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.02.13 09:46:25 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.10.26 10:33:12 | 001,038,496 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update\VAIOUpdt.exe
PRC - [2012.10.26 09:44:42 | 000,957,056 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Update\VUAgent.exe
PRC - [2012.10.04 15:57:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.07.04 13:46:04 | 003,454,904 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Smart Network\VSNClient.exe
PRC - [2011.07.04 13:46:00 | 000,866,952 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe
PRC - [2011.07.01 05:10:14 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011.07.01 05:10:14 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011.05.27 19:47:58 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.05.24 23:17:32 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011.03.05 16:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011.03.05 16:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011.02.23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011.02.16 14:08:52 | 001,166,016 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCsystray.exe
PRC - [2011.02.15 11:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\ISB Utility\ISBMgr.exe
PRC - [2011.02.14 13:23:50 | 000,086,208 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCAgent.exe
PRC - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.02.14 13:23:50 | 000,013,504 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\Admload.exe
PRC - [2011.01.29 05:36:18 | 000,189,048 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCPerfService.exe
PRC - [2011.01.29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.11.27 00:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.11.27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- c:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.07.29 18:45:48 | 002,839,840 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2010.07.29 18:45:48 | 000,836,896 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2010.07.29 18:45:48 | 000,656,672 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2010.04.05 11:55:02 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.03.24 18:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010.03.02 19:52:00 | 000,140,640 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.19 23:07:09 | 000,050,477 | ---- | M] () -- C:\Users\Mirko\Desktop\Defogger.exe
MOD - [2013.02.14 23:23:25 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll
MOD - [2013.02.14 23:22:39 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll
MOD - [2013.02.14 23:20:11 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013.02.14 17:50:06 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll
MOD - [2013.02.14 16:39:42 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll
MOD - [2013.02.14 16:39:04 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013.02.14 16:38:59 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll
MOD - [2013.02.14 16:38:54 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
MOD - [2013.02.14 16:38:20 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.02.14 16:38:05 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a013e3b347de5b1b608daebdff0d46c0\PresentationFramework.ni.dll
MOD - [2013.02.14 16:37:31 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.02.14 16:37:08 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.02.14 16:36:52 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.02.14 16:35:52 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.02.14 16:35:34 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.14 16:35:17 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.02.14 16:35:07 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.02.14 16:34:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.02.14 16:34:45 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.02.14 16:34:30 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013.02.13 02:49:50 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2013.02.13 02:49:50 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2013.02.13 02:49:22 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2011.05.24 23:50:44 | 000,243,712 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011.05.24 23:17:38 | 000,095,232 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2011.03.14 14:21:10 | 000,016,384 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2010.11.13 00:19:05 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.13 00:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.02.13 12:50:40 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.13 09:47:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.13 09:46:25 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.01 19:21:08 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.26 09:44:42 | 000,957,056 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV - [2011.07.04 13:46:00 | 000,866,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2011.07.01 05:10:14 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.05.24 23:17:32 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2011.03.05 16:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011.02.23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011.02.18 22:15:04 | 000,083,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2011.01.29 05:36:18 | 000,189,048 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV - [2011.01.20 12:27:18 | 000,228,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe -- (SpfService)
SRV - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.11.27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.09.22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.07.29 18:45:48 | 000,656,672 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.04.05 11:55:02 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2013.02.13 09:47:29 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.02.13 09:47:29 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2013.02.13 09:47:28 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.02.13 09:47:27 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.07.01 05:10:32 | 000,100,880 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011.07.01 05:10:19 | 007,800,832 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.07.01 05:10:19 | 000,245,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.03.28 09:54:52 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2011.02.17 19:00:18 | 000,032,384 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2011.02.17 19:00:17 | 000,064,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2011.01.07 07:27:50 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.01 04:20:30 | 001,800,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010.11.01 04:17:29 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010.04.26 21:20:29 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2010.02.18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.07.14 01:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009.07.14 01:14:49 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2009.07.14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.13 23:02:52 | 000,214,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress)
DRV - [2009.06.10 22:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.05.26 14:32:02 | 000,017,408 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://vaioportal.sony.eu
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{35318879-41EA-4F52-AA6D-CB7BBF4CAD0C}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\..\SearchScopes\{3711784D-2B2E-454A-AACE-0C0B1EB4F70E}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.15 20:36:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013.02.15 20:36:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mirko\AppData\Roaming\mozilla\Extensions
[2013.02.15 20:36:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.02.01 19:21:57 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.01 20:33:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.01 20:33:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.02.01 20:33:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.01 20:33:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.01 20:33:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.01 20:33:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 168.95.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62D10511-3169-4EF7-B43A-C72FE57F320E}: DhcpNameServer = 168.95.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.19 23:09:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mirko\Desktop\OTL.exe
[2013.02.19 23:07:15 | 000,000,000 | ---D | C] -- C:\Users\Mirko\Desktop\quanti
[2013.02.17 22:47:38 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\Microsoft Games
[2013.02.15 20:37:12 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\Macromedia
[2013.02.15 20:36:45 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Mozilla
[2013.02.15 20:36:45 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\Mozilla
[2013.02.15 20:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.02.15 20:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.02.15 20:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.15 15:11:41 | 000,000,000 | ---D | C] -- C:\Users\Mirko\Documents\Bluetooth-Exchange-Ordner
[2013.02.15 15:11:26 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\Broadcom
[2013.02.15 12:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013.02.14 00:11:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.02.13 18:03:39 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Winamp
[2013.02.13 18:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2013.02.13 18:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.02.13 18:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.02.13 18:00:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.02.13 17:58:08 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.02.13 17:20:39 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\Adobe
[2013.02.13 16:55:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2013.02.13 16:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon IJ Network Tool
[2013.02.13 16:50:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
[2013.02.13 16:49:04 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2013.02.13 16:46:43 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2013.02.13 16:46:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series Benutzerregistrierung
[2013.02.13 16:45:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint
[2013.02.13 16:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2013.02.13 16:43:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series Manual
[2013.02.13 16:43:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013.02.13 16:43:21 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information
[2013.02.13 16:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series
[2013.02.13 16:42:22 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2013.02.13 16:42:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\STRING
[2013.02.13 16:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2013.02.13 14:49:32 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\skypePM
[2013.02.13 14:48:23 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Skype
[2013.02.13 13:40:35 | 000,000,000 | ---D | C] -- C:\Users\Mirko\Desktop\Bilder
[2013.02.13 13:40:30 | 000,000,000 | ---D | C] -- C:\Users\Mirko\Desktop\Uni
[2013.02.13 13:31:05 | 000,000,000 | ---D | C] -- C:\Users\Mirko\Desktop\Musik
[2013.02.13 13:30:58 | 000,000,000 | ---D | C] -- C:\Users\Mirko\Desktop\Dokumente
[2013.02.13 13:30:55 | 000,000,000 | ---D | C] -- C:\Users\Mirko\Desktop\cinemaxx
[2013.02.13 11:52:25 | 000,000,000 | ---D | C] -- C:\Update
[2013.02.13 09:59:22 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Opera
[2013.02.13 09:59:22 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\Opera
[2013.02.13 09:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2013.02.13 09:57:01 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Avira
[2013.02.13 09:54:36 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\WinRAR
[2013.02.13 09:54:36 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.02.13 09:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.02.13 09:53:50 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.02.13 09:50:45 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.02.13 09:50:34 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.02.13 09:50:33 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.02.13 09:50:33 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.02.13 09:50:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.02.13 09:50:28 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.02.13 09:47:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.02.13 09:41:31 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Adobe
[2013.02.13 09:40:16 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.02.13 09:40:14 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\AMD
[2013.02.13 09:39:49 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\ATI
[2013.02.13 09:39:49 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\ATI
[2013.02.13 09:37:41 | 000,000,000 | R--D | C] -- C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.02.13 09:37:41 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Searches
[2013.02.13 09:37:41 | 000,000,000 | R--D | C] -- C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.02.13 09:37:20 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Identities
[2013.02.13 09:37:17 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Contacts
[2013.02.13 09:35:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\VAIO Startup Setting Tool
[2013.02.13 09:35:13 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Sony Corporation
[2013.02.13 09:35:13 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.02.13 09:34:33 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\VirtualStore
[2013.02.13 09:34:31 | 000,000,000 | --SD | C] -- C:\Users\Mirko\AppData\Roaming\Microsoft
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Videos
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Saved Games
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Pictures
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Music
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Links
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Favorites
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Downloads
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Documents
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\Desktop
[2013.02.13 09:34:31 | 000,000,000 | R--D | C] -- C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Vorlagen
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\AppData\Local\Verlauf
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\AppData\Local\Temporary Internet Files
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Startmenü
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\SendTo
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Recent
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Netzwerkumgebung
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Lokale Einstellungen
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Documents\Eigene Videos
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Documents\Eigene Musik
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Eigene Dateien
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Documents\Eigene Bilder
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Druckumgebung
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Cookies
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\AppData\Local\Anwendungsdaten
[2013.02.13 09:34:31 | 000,000,000 | -HSD | C] -- C:\Users\Mirko\Anwendungsdaten
[2013.02.13 09:34:31 | 000,000,000 | -H-D | C] -- C:\Users\Mirko\AppData
[2013.02.13 09:34:31 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\Temp
[2013.02.13 09:34:31 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Local\Microsoft
[2013.02.13 09:34:31 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Media Center Programs
[2013.02.13 09:34:31 | 000,000,000 | ---D | C] -- C:\Users\Mirko\AppData\Roaming\Macromedia
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.02.13 09:34:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.02.13 09:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.02.13 04:29:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
[2013.02.13 04:27:08 | 000,000,000 | ---D | C] -- C:\VAIO Sample Contents
[2013.02.13 04:27:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013.02.13 04:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.13 04:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.02.13 04:25:29 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013.02.13 04:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.02.13 04:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\Nascom
[2013.02.13 04:25:05 | 097,167,020 | ---- | C] (Axialis Software) -- C:\Windows\System32\VAIO Hero Screensaver - Summer 2011.scr
[2013.02.13 04:22:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayStation Extras
[2013.02.13 04:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013.02.13 04:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB
[2013.02.13 04:06:08 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\System32\PCDLIB32.DLL
[2013.02.13 04:06:03 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\ArcSoftKsUFilter.dll
[2013.02.13 04:06:03 | 000,017,408 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys
[2013.02.13 04:05:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Webcam Suite
[2013.02.13 04:05:51 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2013.02.13 04:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft
[2013.02.13 04:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2013.02.13 04:03:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2013.02.13 04:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.02.13 04:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2013.02.13 04:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.02.13 04:01:53 | 000,000,000 | ---D | C] -- C:\Windows\en
[2013.02.13 03:54:29 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2013.02.13 03:54:21 | 000,000,000 | ---D | C] -- C:\Windows\uk
[2013.02.13 03:54:09 | 000,000,000 | ---D | C] -- C:\Windows\tr
[2013.02.13 03:53:58 | 000,000,000 | ---D | C] -- C:\Windows\sv
[2013.02.13 03:53:44 | 000,000,000 | ---D | C] -- C:\Windows\sk
[2013.02.13 03:53:29 | 000,000,000 | ---D | C] -- C:\Windows\ru
[2013.02.13 03:53:14 | 000,000,000 | ---D | C] -- C:\Windows\ro
[2013.02.13 03:52:52 | 000,000,000 | ---D | C] -- C:\Windows\pt-pt
[2013.02.13 03:52:36 | 000,000,000 | ---D | C] -- C:\Windows\pl
[2013.02.13 03:52:20 | 000,000,000 | ---D | C] -- C:\Windows\no
[2013.02.13 03:52:06 | 000,000,000 | ---D | C] -- C:\Windows\it
[2013.02.13 03:51:55 | 000,000,000 | ---D | C] -- C:\Windows\hu
[2013.02.13 03:51:44 | 000,000,000 | ---D | C] -- C:\Windows\el
[2013.02.13 03:51:33 | 000,000,000 | ---D | C] -- C:\Windows\de
[2013.02.13 03:51:16 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2013.02.13 03:51:01 | 000,000,000 | ---D | C] -- C:\Windows\fi
[2013.02.13 03:50:47 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2013.02.13 03:50:36 | 000,000,000 | ---D | C] -- C:\Windows\da
[2013.02.13 03:50:22 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2013.02.13 03:50:07 | 000,000,000 | ---D | C] -- C:\Windows\bg
[2013.02.13 03:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013.02.13 03:33:05 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.02.13 03:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013.02.13 03:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.02.13 03:31:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.02.13 03:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2013.02.13 03:28:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2013.02.13 03:28:18 | 000,000,000 | ---D | C] -- C:\temp
[2013.02.13 03:27:41 | 000,000,000 | ---D | C] -- C:\_FS_SWRINFO
[2013.02.13 03:27:40 | 000,000,000 | ---D | C] -- C:\Documentation
[2013.02.13 03:26:33 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys
[2013.02.13 03:22:39 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013.02.13 03:21:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.02.13 03:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.02.13 03:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.02.13 03:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
[2013.02.13 03:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2013.02.13 03:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013.02.13 03:15:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\sda
[2013.02.13 03:15:27 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2013.02.13 03:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.02.13 03:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.02.13 03:14:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.02.13 03:13:52 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.02.13 03:11:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2013.02.13 03:11:29 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2013.02.13 03:11:29 | 001,738,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2013.02.13 03:11:29 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2013.02.13 03:11:29 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2013.02.13 03:11:29 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2013.02.13 03:11:29 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2013.02.13 03:11:29 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2013.02.13 03:11:29 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2013.02.13 03:11:29 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2013.02.13 03:11:28 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2013.02.13 03:11:28 | 001,327,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2013.02.13 03:11:28 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2013.02.13 03:11:28 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2013.02.13 03:11:28 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2013.02.13 03:11:28 | 000,252,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2013.02.13 03:11:28 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2013.02.13 03:11:28 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2013.02.13 03:11:28 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2013.02.13 03:11:28 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2013.02.13 03:11:28 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2013.02.13 03:11:28 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2013.02.13 03:11:27 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2013.02.13 03:11:27 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2013.02.13 03:11:27 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2013.02.13 03:11:27 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2013.02.13 03:11:27 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2013.02.13 03:11:27 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2013.02.13 03:11:27 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2013.02.13 03:11:27 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2013.02.13 03:11:27 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2013.02.13 03:11:27 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2013.02.13 03:11:27 | 000,104,672 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2013.02.13 03:11:27 | 000,104,672 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2013.02.13 03:11:27 | 000,104,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2013.02.13 03:11:27 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2013.02.13 03:11:27 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013.02.13 03:11:27 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013.02.13 03:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013.02.13 03:08:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2013.02.13 03:08:09 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.02.13 03:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2013.02.13 02:57:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.02.13 02:54:04 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.02.13 02:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2013.02.13 02:50:51 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2013.02.13 02:50:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\winrm
[2013.02.13 02:50:50 | 000,000,000 | ---D | C] -- C:\Windows\DigitalLocker
[2013.02.13 02:50:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer
[2013.02.13 02:50:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\slmgr
[2013.02.13 02:50:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407
[2013.02.13 02:50:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\WCN
[2013.02.13 02:50:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\Printing_Admin_Scripts
[2013.02.13 02:50:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\de-DE
[2013.02.13 02:50:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\de
[2013.02.13 02:49:37 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui
[2013.02.13 02:49:37 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui
[2013.02.13 02:49:37 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui
[2013.02.13 02:49:34 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui
[2013.02.13 02:49:34 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui
[2013.02.13 02:49:34 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.19 23:09:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mirko\Desktop\OTL.exe
[2013.02.19 23:07:50 | 000,000,000 | ---- | M] () -- C:\Users\Mirko\defogger_reenable
[2013.02.19 23:07:09 | 000,050,477 | ---- | M] () -- C:\Users\Mirko\Desktop\Defogger.exe
[2013.02.19 22:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.19 21:29:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.19 00:42:05 | 000,020,400 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.19 00:42:05 | 000,020,400 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.19 00:39:38 | 000,696,576 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.19 00:39:38 | 000,651,854 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.19 00:39:38 | 000,147,840 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.19 00:39:38 | 000,120,786 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.19 00:33:51 | 2814,562,304 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.14 16:32:14 | 000,380,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.13 18:02:49 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2013.02.13 16:44:22 | 000,002,306 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG6100 series Online-Handbuch.lnk
[2013.02.13 14:49:35 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2013.02.13 09:59:11 | 000,001,779 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2013.02.13 09:47:29 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.02.13 09:47:29 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.02.13 09:47:28 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.02.13 09:47:27 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.02.13 09:36:32 | 000,000,000 | RH-- | M] () -- C:\Windows\System32\drivers\104D_Sony_VPCYB3V1E.mrk
[2013.02.13 09:33:08 | 000,159,772 | ---- | M] () -- C:\Windows\System32\license.rtf
[2013.02.13 04:28:07 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2013.02.13 04:25:06 | 097,167,020 | ---- | M] (Axialis Software) -- C:\Windows\System32\VAIO Hero Screensaver - Summer 2011.scr
[2013.02.13 03:20:31 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013.02.13 03:19:02 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2013.02.13 03:16:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.02.13 02:58:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.02.13 02:50:34 | 000,295,922 | ---- | M] () -- C:\Windows\System32\perfi007.dat
[2013.02.13 02:50:34 | 000,038,104 | ---- | M] () -- C:\Windows\System32\perfd007.dat
[2013.02.13 02:49:37 | 000,033,280 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui
[2013.02.13 02:49:37 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui
[2013.02.13 02:49:37 | 000,010,752 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui
[2013.02.13 02:49:34 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui
[2013.02.13 02:49:34 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui
[2013.02.13 02:49:34 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.19 23:07:50 | 000,000,000 | ---- | C] () -- C:\Users\Mirko\defogger_reenable
[2013.02.19 23:07:09 | 000,050,477 | ---- | C] () -- C:\Users\Mirko\Desktop\Defogger.exe
[2013.02.15 12:55:07 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.02.14 00:12:51 | 000,001,145 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2013.02.13 18:02:49 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.02.13 16:50:07 | 000,013,056 | ---- | C] () -- C:\Windows\System32\CNC174AD.TBL
[2013.02.13 16:44:22 | 000,002,306 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG6100 series Online-Handbuch.lnk
[2013.02.13 14:49:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2013.02.13 12:07:12 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.13 09:59:11 | 000,001,791 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013.02.13 09:59:11 | 000,001,779 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2013.02.13 09:37:47 | 000,001,413 | ---- | C] () -- C:\Users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.02.13 09:36:32 | 000,000,000 | RH-- | C] () -- C:\Windows\System32\drivers\104D_Sony_VPCYB3V1E.mrk
[2013.02.13 09:36:14 | 000,001,965 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited powered by Qriocity.lnk
[2013.02.13 04:29:46 | 2814,562,304 | -HS- | C] () -- C:\hiberfil.sys
[2013.02.13 04:29:11 | 000,002,170 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
[2013.02.13 04:28:27 | 000,002,197 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk
[2013.02.13 04:27:43 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2013.02.13 04:27:26 | 000,001,233 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk
[2013.02.13 04:26:29 | 000,002,072 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk
[2013.02.13 04:25:50 | 000,001,798 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Easy Connect.lnk
[2013.02.13 04:25:46 | 000,002,203 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2013.02.13 04:22:35 | 000,001,147 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Keyboard.lnk
[2013.02.13 04:16:11 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
[2013.02.13 03:49:52 | 000,001,251 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2013.02.13 03:49:35 | 000,001,320 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2013.02.13 03:44:49 | 000,001,404 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2013.02.13 03:34:54 | 000,002,432 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2013.02.13 03:27:42 | 000,001,953 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
[2013.02.13 03:27:05 | 000,001,479 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
[2013.02.13 03:20:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.02.13 03:17:13 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2013.02.13 03:16:26 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.02.13 03:00:18 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.02.13 03:00:00 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.02.13 02:58:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.02.13 02:51:26 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2013.02.13 02:51:24 | 000,696,576 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2013.02.13 02:51:24 | 000,147,840 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2013.02.13 02:51:24 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2011.07.04 08:44:44 | 000,233,765 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.07.04 08:44:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.02.13 09:59:22 | 000,000,000 | ---D | M] -- C:\Users\Mirko\AppData\Roaming\Opera
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---



Extras.txtOTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 19.02.2013 23:10:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mirko\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 77,25% Memory free
6,99 Gb Paging File | 5,80 Gb Available in Paging File | 82,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 453,50 Gb Total Space | 407,52 Gb Free Space | 89,86% Space Free | Partition Type: NTFS
 
Computer Name: MIRKO-VAIO | User Name: Mirko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0056F05C-AE9C-4C54-8957-A9850BA67123}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0105294B-822F-4EB0-A26A-D9CD944701BA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0786BFC1-F70B-44D0-BE10-1099B6B3DF10}" = rport=138 | protocol=17 | dir=out | app=system | 
"{27983742-405E-4BBB-89C5-A4A3B2B40977}" = lport=138 | protocol=17 | dir=in | app=system | 
"{34A7E8F4-EEE2-443C-9FA6-F841E4A7C874}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{34E9EFDC-2C4E-487E-98F8-9268E13EEDE2}" = lport=139 | protocol=6 | dir=in | app=system | 
"{380F2D14-7460-4020-9215-5D555341E1A7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{41B58BAA-B17E-46C3-9B18-ACCF38D4A50D}" = rport=137 | protocol=17 | dir=out | app=system | 
"{55C204BA-5813-46A9-B7C7-EA4B74DB224B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5C54FB93-AD9E-4A09-BBEC-FBC3715DFDF2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{6910A137-D898-4E1A-A4F5-20F9105A52B0}" = lport=445 | protocol=6 | dir=in | app=system | 
"{6BB6DC3E-6C76-4EC7-AE6D-48D23EB7FDB3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6CEE9786-29B6-43D9-896B-33A21EFCED12}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{7738A572-82BB-4327-BFC3-5A677231A13C}" = rport=139 | protocol=6 | dir=out | app=system | 
"{8265DB0D-7D9E-4FBF-A564-1128C6016911}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8DB35B93-D53B-4B34-850D-77109BF5ED18}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{910530F4-61C4-40A1-B137-15598A5EB53A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{9394EEE5-E1F0-465C-8D61-E0B91E035B73}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A84EC9DD-C3DB-4486-BA4A-0C71BAE2AF33}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{B4B82DE5-CF03-4C92-9B06-E3AEED0E2856}" = rport=445 | protocol=6 | dir=out | app=system | 
"{BE65FCE0-6BBE-4C34-8AF4-338B545C50FB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E1F72686-F32A-40A3-8AEF-ADCD55300BD6}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{E9C4EBA1-AC6F-4E49-A265-2BC2151D875C}" = lport=137 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04F8F0F0-3900-4540-84C0-759A78DD2214}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{05BC6ECF-64BC-45BA-BE91-1712FA5F6910}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{112B7F81-15C6-4AFB-9E37-237E3BB315C5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{175941AB-647F-4945-A98C-20731A933567}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{1E65FF69-7084-48B5-8934-A32652AF22CF}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{2F11F48C-8D4A-4681-AF02-A4ABCF1FF467}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4B6DA6F9-74C1-4DBF-B11F-458358F53E0F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{509782A3-1A25-43BD-9EB2-D112BDFB76EF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{57C52AFA-DA3E-4F20-AFDC-464BA1FEE943}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{59D0ACB1-B92A-4E21-A477-C91203490D6D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5AB7D125-A3C4-423F-AF31-186CB7F8F2A5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5F8AD2DF-E9B5-4D3B-B6D0-B20BBEF997C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{67BCB588-7D13-4F91-AC61-EB976995A383}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{8F98121A-5EED-4E3F-AF40-8D68B9567736}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{91A17848-43B8-4E53-A8BF-5BE51E493CBC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{9CD47087-42C5-4832-A3E8-88A39FEC01C7}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 
"{AC5DDD25-EE01-4308-917D-458DC640DEEE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C71E3AD5-D8D2-4E70-8828-9051BC3D863E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CA964464-A615-4E68-8FB1-9D747AB046F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CE6B5F5A-0512-4744-B4C0-BB7DA8C282D1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D858A115-9DA3-437B-AAD6-0BC22C8A6988}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{EE1696D9-E6E9-4E4D-9F44-5452E2424C23}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FAA17A0B-2968-446D-B10C-54935FA89C1E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FF077EE6-5241-4776-AC05-0CB33051B989}" = protocol=6 | dir=out | app=system | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" = 
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{063CF438-A265-D88D-FA96-02F13D642018}" = CCC Help Japanese
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play mit PlayStation®3
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D7BC86-7358-464C-8AD0-0D84B5F0A0C9}" = Remote Keyboard
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0C99EF4B-8242-55C8-6BC6-66DB82C0E99D}" = Catalyst Control Center Localization All
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series" = Canon MG6100 series MP Drivers
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{14C9BA5B-09ED-2367-6D15-1847F8564A0A}" = CCC Help French
"{1651B6EC-C0CF-E4E6-2ED6-1D38CB60B7DF}" = CCC Help Italian
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17E76DF8-5D02-4C73-B03D-156AD18D3295}" = VAIO Improvement Validation
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1D69D439-D60C-1247-C2A0-B2265AF7B907}" = CCC Help Portuguese
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{201B5096-AF6E-423E-B987-023E040D9B42}" = Windows Live Remote Service Resources
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{244C5A67-39DC-4C6C-BF1B-BCC9D342A4C4}" = Windows Live Remote Client Resources
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{28E541B1-915C-A21A-68B4-46C76A723B49}" = AMD Fuel
"{28EE1E92-273D-20FE-211A-5A4D173F7E0E}" = CCC Help Hungarian
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2B3EA5DA-D040-48FB-813F-1CF8C0123698}" = Windows Live Remote Client Resources
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2CC3F1D0-B4FD-DD06-2BF0-9268AF7D9604}" = AMD VISION Engine Control Center
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39889CAB-DE03-B341-CAC0-A6191D3962E1}" = CCC Help Chinese Standard
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3BC3B1A5-30E3-4DDB-BE08-E7262B838B5F}" = Windows Live Remote Client Resources
"{3BFB2388-64EE-4AAA-9235-5FE725FED6DE}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{41E4FA4B-9376-4C32-AA46-65FCC0087CD5}" = Windows Live Remote Service Resources
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{437454B4-E8F4-6435-1B98-B23B5402B3D8}" = CCC Help German
"{443545C3-E73D-F98A-7682-0804B59ADE53}" = CCC Help Dutch
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{45CE286B-D094-69F2-FA5D-6A2614C3A5BD}" = CCC Help Swedish
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{49D43C8F-D7A3-78EC-AC96-70076927DE7A}" = CCC Help Norwegian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4AB15610-70BC-195D-EE43-67521381D7F5}" = CCC Help Finnish
"{4B1EDAFC-B0EB-465F-886C-24FAC1BED2AC}" = Windows Live Remote Client Resources
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CB33CC4-E13B-FB12-5254-AAC82D4A2236}" = CCC Help Chinese Traditional
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4E1FC19F-0460-D618-9EF0-878291B562D2}" = Catalyst Control Center Profiles Mobile
"{5008BC55-FD3D-4A32-A1B7-610E18F4D220}" = Windows Live Remote Service Resources
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{578401DB-5B21-FD5D-67EA-F1E271A10527}" = AMD Media Foundation Decoders
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA8EF95-939A-111C-3439-B54A12F68A90}" = Catalyst Control Center Graphics Previews Common
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}" = Remote Play with PlayStation 3
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{61A5DE19-BE38-45AF-A9BC-73E49703315E}" = Windows Live Remote Service Resources
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6255D9FC-427F-4867-84DB-164DBEA0661F}" = Windows Live Remote Client Resources
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{66B0B400-22AB-47E6-8673-38A5D37F6331}" = Windows Live Remote Client Resources
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{69CEB718-11A6-7757-29F2-3659AA8BB8D7}" = CCC Help Russian
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur 
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{79ACFD18-AD87-480B-88E0-CF74DD9BBA63}" = PMB VAIO Edition Plug-in
"{7A143876-9658-4A58-82E7-B5F02D942957}" = Windows Live Remote Client Resources
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{81F81AE6-94F2-A647-747B-4EBC0CE213D9}" = CCC Help Danish
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82EE333F-45A9-4585-A5D9-31FE16B7FB25}" = Windows Live Remote Service Resources
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}" = Windows Live Remote Service Resources
"{84CD9BCD-38B5-C34A-4A2C-6E26E3DE81BA}" = CCC Help Polish
"{84D3CB13-C7EE-4A29-817E-D82697320BF5}" = Windows Live Remote Client Resources
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8604F8AF-08EE-F845-9529-D9997192DD27}" = CCC Help Greek
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87C83A79-608C-6DE0-F042-39C820A072EC}" = Catalyst Control Center InstallProxy
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931292A9-7DE7-DCB7-0116-A6883373FCFB}" = CCC Help Korean
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97124033-1253-4474-8B25-1AB314A920E6}" = Windows Live Remote Service Resources
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E27F3D4-9BF7-7C5D-E761-054B80B7C812}" = CCC Help English
"{9F8E6025-423A-2A9F-3951-71E9BE2A85E7}" = ATI Catalyst Install Manager
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A4C16B19-10AA-4990-AA87-D14F653E3345}" = Windows Live Remote Client Resources
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A9ABC0A6-DC01-4102-BEC9-86974A73B214}" = Windows Live Remote Client Resources
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources
"{ABF3F2A9-5A4F-8851-05A9-B56E0E3862F7}" = CCC Help Thai
"{AC0628FF-532F-4800-91EC-40903B04682F}" = Windows Live Remote Service Resources
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B0F02BA9-4ED6-4818-B213-4CFDC1844E61}" = Catalyst Control Center - Branding
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6F55C3E-30EE-4D25-8BAD-CEE4BF8C78EB}" = Windows Live Remote Client Resources
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B7EA9CFF-E16F-7C84-5C3C-50CE04189316}" = CCC Help Spanish
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BA8D4CEF-D23D-44AB-8A89-66E602253791}" = Windows Live Remote Service Resources
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C30628D8-D3A0-4F23-90F0-F145808087B6}" = Windows Live Remote Client Resources
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C411942C-C26B-4450-8B9A-173DCC22AEC6}" = Windows Live Remote Service Resources
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C4E7704D-5AFB-44CA-B8BA-F16C8FA46D5F}" = Windows Live Remote Service Resources
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5BD7D41-6F0A-9222-4DF7-DC5187EC786E}" = ccc-utility
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD6CB7F1-1B8E-424A-9B81-F8D2F03958EC}" = Windows Live Remote Client Resources
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D378BEA1-912E-4827-B9DB-D3B2C3D0BD4A}" = Windows Live Remote Service Resources
"{D3CAE2CA-BE71-4CA4-9EB9-46E1C82E778B}" = Windows Live Remote Service Resources
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D531F5A4-18F6-4130-B9A4-9179D6E349FC}" = VAIO Care
"{D57A002F-2B34-4E7B-A58B-0A4FBDA2E93F}" = Windows Live Messenger
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEDF8BAB-98D7-4CFA-9C42-27431EC4BD1F}" = Windows Live Remote Service Resources
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1629C45-9CEF-498E-83CD-D6A09CADA176}" = Windows Live Remote Client Resources
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB50A96F-8205-41CA-995E-73826CCC9F30}" = Windows Live Remote Service Resources
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EDB85C39-A68C-6EE2-B711-9ADF2653B574}" = CCC Help Turkish
"{EE533B4D-8D00-8841-D11F-CC466FE17F84}" = CCC Help Czech
"{EFB0CE72-A5A7-4185-9B9D-0A6F7812BB17}" = Windows Live Remote Client Resources
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}" = Windows Live Remote Client Resources
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
"Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
"Canon MG6100 series Benutzerregistrierung" = Canon MG6100 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"Easy-PhotoPrint Pro" = Canon Easy-PhotoPrint Pro
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Opera 12.14.1738" = Opera 12.14
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Help and Support" = 
"VAIO Hero Screensaver - Summer 2011 Screensaver" = VAIO Hero Screensaver - Summer 2011 Screensaver
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.02.2013 05:04:53 | Computer Name = Mirko-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddWin32ServiceFiles: Unable to back up image of service
McShield since QueryServiceConfig API failed System Error: Das System kann die angegebene
Datei nicht finden. .
 
Error - 13.02.2013 05:04:53 | Computer Name = Mirko-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddWin32ServiceFiles: Unable to back up image of service
McAfee Firewall Core Service since QueryServiceConfig API failed System Error: Das
System kann die angegebene Datei nicht finden. .
 
Error - 13.02.2013 05:04:53 | Computer Name = Mirko-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddWin32ServiceFiles: Unable to back up image of service
McAfee Validation Trust Protection Service since QueryServiceConfig API failed System
Error: Das System kann die angegebene Datei nicht finden. .
 
Error - 13.02.2013 06:45:18 | Computer Name = Mirko-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.02.2013 19:04:56 | Computer Name = Mirko-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.02.2013 19:11:42 | Computer Name = Mirko-VAIO | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Die Anwendung oder der Dienst "VUAgent" konnte nicht neu gestartet
werden.
 
Error - 14.02.2013 11:33:29 | Computer Name = Mirko-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.02.2013 10:12:01 | Computer Name = Mirko-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.02.2013 09:21:02 | Computer Name = Mirko-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.02.2013 19:35:35 | Computer Name = Mirko-VAIO | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 15.02.2013 23:45:59 | Computer Name = Mirko-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst IPBusEnum erreicht.
 
Error - 16.02.2013 01:42:11 | Computer Name = Mirko-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 16.02.2013 01:42:22 | Computer Name = Mirko-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 16.02.2013 07:44:36 | Computer Name = Mirko-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 16.02.2013 09:21:06 | Computer Name = Mirko-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 17.02.2013 10:59:04 | Computer Name = Mirko-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst IPBusEnum erreicht.
 
Error - 17.02.2013 11:01:56 | Computer Name = Mirko-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
 
Error - 17.02.2013 11:01:57 | Computer Name = Mirko-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
 
Error - 17.02.2013 11:01:57 | Computer Name = Mirko-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
 
Error - 17.02.2013 11:01:58 | Computer Name = Mirko-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
 
 
< End of report >
         
--- --- ---



Werde als nächstes GMER rüber laufen lassen und das hier direkt posten.

Falls es weitere Anordnung gibt, einfach Bescheid geben - und ich werde spuren.

Alt 19.02.2013, 22:41   #2
markusg
/// Malware-holic
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



hi
http://www.trojaner-board.de/125889-...en-posten.html
avira Fundmeldung posten bitte
__________________

__________________

Alt 19.02.2013, 23:36   #3
trampeltier
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



Das Ergebnis von GMER ist knapp um das 8-fache zu groß.

Hier von avira:
16.02.

In der Datei 'C:\Program Files\Skype\Phone\Skype.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

TEIL 1 von GMER

GMER:

GMER 2.1.18952 - hxxp://www.gmer.net
Rootkit scan 2013-02-20 00:24:52
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\00000063 TOSHIBA_ rev.GT00 465,76GB
Running: GMER_2.1.18952.exe; Driver: C:\Users\Mirko\AppData\Local\Temp\ugtyipoc.sys


---- System - GMER 2.1 ----

SSDT 91C682C6 ZwCreateSection
SSDT 91C682D0 ZwRequestWaitReplyPort
SSDT 91C682CB ZwSetContextThread
SSDT 91C682D5 ZwSetSecurityObject
SSDT 91C682DA ZwSystemDebugControl
SSDT 91C68267 ZwTerminateProcess
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAcceptConnectPort [0x82E8FD9F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheck [0x82CD7825]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckAndAuditAlarm [0x82E1FC67]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByType [0x82C3B88A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeAndAuditAlarm [0x82E91675]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultList [0x82D14122]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarm [0x82F01E2B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarmByHandle [0x82F01E74]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAddAtom [0x82E144D1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAddBootEntry [0x82F1B69E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAddDriverEntry [0x82F1C8F3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAdjustGroupsToken [0x82E0ACA9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAdjustPrivilegesToken [0x82E9BCB3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlertResumeThread [0x82EF4B8B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlertThread [0x82E47BB0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateLocallyUniqueId [0x82E177CB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateReserveObject [0x82DAD9D1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateUserPhysicalPages [0x82EE6A68]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateUuids [0x82DFE262]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateVirtualMemory [0x82E40BBC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcAcceptConnectPort [0x82E8CF71]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCancelMessage [0x82DEE2D4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcConnectPort [0x82E8C37E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCreatePort [0x82E0BD20]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCreatePortSection [0x82E9D73A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCreateResourceReserve [0x82E0E3A3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCreateSectionView [0x82E9D51A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCreateSecurityContext [0x82E95C72]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcDeletePortSection [0x82E201EF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcDeleteResourceReserve [0x82EE1807]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcDeleteSectionView [0x82E9303F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcDeleteSecurityContext [0x82E9D96C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcDisconnectPort [0x82E7637A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcImpersonateClientOfPort [0x82E910A4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcOpenSenderProcess [0x82E22E14]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcOpenSenderThread [0x82E16E0D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcQueryInformation [0x82E08C84]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcQueryInformationMessage [0x82E76C01]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcRevokeSecurityContext [0x82EE192F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcSendWaitReceivePort [0x82E6908E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcSetInformation [0x82E1681D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwApphelpCacheControl [0x82E282FF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAreMappedFilesTheSame [0x82DE417F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAssignProcessToJobObject [0x82E15FEC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCallbackReturn [0x82C94CDC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelIoFile [0x82DDF65F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelIoFileEx [0x82E13DFB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelSynchronousIoFile [0x82ECE15C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelTimer [0x82C413D6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwClearEvent [0x82E42CB9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwClose [0x82E5B4B0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCloseObjectAuditAlarm [0x82E915A4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCommitComplete [0x82F0971E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCommitEnlistment [0x82F0943E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCommitTransaction [0x82DEAA55]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompactKeys [0x82EB3193]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompareTokens [0x82E11DB1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompleteConnectPort [0x82E16E03]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompressKey [0x82EB33FF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwConnectPort [0x82E8EE80]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwContinue [0x82C573BC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateDebugObject [0x82EC3DFD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateDirectoryObject [0x82E19604]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEnlistment [0x82DBBAF1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEvent [0x82E577A6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEventPair [0x82F213AC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateFile [0x82E66332]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateIoCompletion [0x82E71845]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateJobObject [0x82E08A8B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateJobSet [0x82EF6906]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKey [0x82E17F29]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKeyedEvent [0x82E26E02]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKeyTransacted [0x82DE8AD2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateMailslotFile [0x82E1C42E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateMutant [0x82E2727A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateNamedPipeFile [0x82E9766F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreatePagingFile [0x82DA348C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreatePort [0x82E08873]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreatePrivateNamespace [0x82DEA61B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProcess [0x82EF2FBD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProcessEx [0x82EF3008]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProfile [0x82F21E3F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProfileEx [0x82F21E05]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateResourceManager [0x82DBE3FB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSemaphore [0x82E1CA8C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSymbolicLinkObject [0x82E188F4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateThread [0x82EF2DC6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateThreadEx [0x82E872AB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTimer [0x82E1541F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateToken [0x82E1BBC7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTransaction [0x82DE6EFE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTransactionManager [0x82DBE207]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateUserProcess [0x82E851DD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateWaitablePort [0x82DBB1D0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateWorkerFactory [0x82E2701D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDebugActiveProcess [0x82EC4CBA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDebugContinue [0x82EC5377]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDelayExecution [0x82E3FAC9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteAtom [0x82E0318F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteBootEntry [0x82F1B6CF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteDriverEntry [0x82F1C927]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteFile [0x82DAF74B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteKey [0x82E02A25]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteObjectAuditAlarm [0x82EA1B5D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeletePrivateNamespace [0x82EAA874]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteValueKey [0x82DF443D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeviceIoControlFile [0x82E8A54A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDisableLastKnownGood [0x82EDE6A6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDisplayString [0x82F19917]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDrawText [0x82D2AFB5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDuplicateObject [0x82E4864A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDuplicateToken [0x82E82AFB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnableLastKnownGood [0x82EDE787]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateBootEntries [0x82F1B8D1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateDriverEntries [0x82F1CB27]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateKey [0x82E7DBE0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateSystemEnvironmentValuesEx [0x82F1B4B1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateTransactionObject [0x82F0A25E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateValueKey [0x82E80046]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwExtendSection [0x82EE4BDD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFilterToken [0x82DFBE95]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFindAtom [0x82E07A13]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushBuffersFile [0x82E1F216]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushInstallUILanguage [0x82DAB9B8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushInstructionCache [0x82E165DD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushKey [0x82DF5AE2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushProcessWriteBuffers [0x82C3C1B1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushVirtualMemory [0x82DF11FC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushWriteBuffer [0x82EE7B87]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreeUserPhysicalPages [0x82EE7209]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreeVirtualMemory [0x82CCF7FC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreezeRegistry [0x82CEA3BC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreezeTransactions [0x82F0A6AE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFsControlFile [0x82E6C880]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetContextThread [0x82EABF3F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetCurrentProcessorNumber [0x82EABED4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetDevicePowerState [0x82EF0003]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetMUIRegistryInfo [0x82E27E93]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetNextProcess [0x82EF4D7C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetNextThread [0x82EA3D88]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetNlsSectionPtr [0x82DF0692]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetNotificationResourceManager [0x82F0A80E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetPlugPlayEvent [0x82DD5F03]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetWriteWatch [0x82D01377]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateAnonymousToken [0x82E0C8DE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateClientOfPort [0x82EE096D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateThread [0x82E90772]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwInitializeNlsFiles [0x82E730EB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwInitializeRegistry [0x82DAF268]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwInitiatePowerAction [0x82EA6741]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwIsProcessInJob [0x82EA7E5B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwIsSystemResumeAutomatic [0x82EEFFEA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwIsUILanguageComitted [0x82DA9E92]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwListenPort [0x82DA6D1E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadDriver [0x82DDCC14]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadKey [0x82DA84CF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadKey2 [0x82D95A59]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadKeyEx [0x82DB8F0E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockFile [0x82E1A42A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockProductActivationKeys [0x82D8F063]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockRegistryKey [0x82D8A6D5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockVirtualMemory [0x82C3B191]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMakePermanentObject [0x82DDD24D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMakeTemporaryObject [0x82E22950]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapCMFModule [0x82E2743F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapUserPhysicalPages [0x82EE5D27]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapUserPhysicalPagesScatter [0x82EE62FD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapViewOfSection [0x82E5D4D9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwModifyBootEntry [0x82F1B8A0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwModifyDriverEntry [0x82F1CAF8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeDirectoryFile [0x82E0CECA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeKey [0x82E10F2B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeMultipleKeys [0x82E1004D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeSession [0x82DD6E07]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenDirectoryObject [0x82E596BA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEnlistment [0x82F08CA5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEvent [0x82E26C76]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEventPair [0x82F214AD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenFile [0x82E48C6A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenIoCompletion [0x82ECDE51]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenJobObject [0x82EF627F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKey [0x82E62794]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKeyEx [0x82E26BC1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKeyedEvent [0x82F217E3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKeyTransacted [0x82DE6205]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKeyTransactedEx [0x82DE6195]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenMutant [0x82E78260]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenObjectAuditAlarm [0x82DEF57E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenPrivateNamespace [0x82DF0FD3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenProcess [0x82E28AC1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenProcessToken [0x82E7B17F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenProcessTokenEx [0x82E68CBB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenResourceManager [0x82D94104]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSection [0x82E807FB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSemaphore [0x82DFC1DA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSession [0x82E9DAF5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSymbolicLinkObject [0x82E64CC1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenThread [0x82E74F05]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenThreadToken [0x82E8F45B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenThreadTokenEx [0x82E68DD2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenTimer [0x82F21153]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenTransaction [0x82F09A03]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenTransactionManager [0x82F0ACA3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPlugPlayControl [0x82DFA61A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPowerInformation [0x82E57AA5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrepareComplete [0x82F095AE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrepareEnlistment [0x82F092CC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrePrepareComplete [0x82F09666]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrePrepareEnlistment [0x82F09386]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegeCheck [0x82E0DA53]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegedServiceAuditAlarm [0x82DDCFFC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegeObjectAuditAlarm [0x82DF7B66]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPropagationComplete [0x82F0B3FE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPropagationFailed [0x82F0B4C6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwProtectVirtualMemory [0x82E59539]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPulseEvent [0x82EAA725]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryAttributesFile [0x82E6EB7F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryBootEntryOrder [0x82F1BD72]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryBootOptions [0x82F1C1B5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDebugFilterState [0x82CDB146]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDefaultLocale [0x82E8DD03]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDefaultUILanguage [0x82DB9FF8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDirectoryFile [0x82E4AE6B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDirectoryObject [0x82E6FBCE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDriverEntryOrder [0x82F1C6B3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryEaFile [0x82DA8BF3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryEvent [0x82E11932]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryFullAttributesFile [0x82E9774B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationAtom [0x82E03360]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationEnlistment [0x82F08EB0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationFile [0x82E6C8B3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationJobObject [0x82EA327D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationPort [0x82EE09A0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationProcess [0x82E4D79E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationResourceManager [0x82F0A918]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationThread [0x82E73EEB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationToken [0x82E691F2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationTransaction [0x82F09BF6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationTransactionManager [0x82D93C0C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationWorkerFactory [0x82D2BBDD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInstallUILanguage [0x82DF5D54]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryIntervalProfile [0x82F221AF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryIoCompletion [0x82ECDF14]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryKey [0x82E62E00]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryLicenseValue [0x82E18F8C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryMultipleValueKey [0x82DF7DD5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryMutant [0x82F218C2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryObject [0x82E17FD5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryOpenSubKeys [0x82EB2C85]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryOpenSubKeysEx [0x82EA0F76]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryPerformanceCounter [0x82E2735B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryPortInformationProcess [0x82EF3488]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryQuotaInformationFile [0x82ECF4F9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySection [0x82E8DB5D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySecurityAttributesToken [0x82E0D3E4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySecurityObject [0x82E10F60]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySemaphore [0x82F1A72E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySymbolicLinkObject [0x82E64D67]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemEnvironmentValue [0x82F1A907]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemEnvironmentValueEx [0x82F1AEFD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemInformation [0x82E46E2E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemInformationEx [0x82E7FF64]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemTime [0x82E8DC6E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryTimer [0x82F21212]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryTimerResolution [0x82E0383D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryValueKey [0x82E61557]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryVirtualMemory [0x82E72885]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryVolumeInformationFile [0x82E6D4A6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueueApcThread [0x82E12DBE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueueApcThreadEx [0x82E0EF7B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRaiseException [0x82C57404]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRaiseHardError [0x82DEE13F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadFile [0x82E78E0A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadFileScatter [0x82DAE750]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadOnlyEnlistment [0x82F0988E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadRequestData [0x82EE0A85]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadVirtualMemory [0x82E769AA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRecoverEnlistment [0x82F08E56]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRecoverResourceManager [0x82DBE928]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRecoverTransactionManager [0x82DC01C4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRegisterProtocolAddressInformation [0x82F0B252]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRegisterThreadTerminatePort [0x82EF41C8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseKeyedEvent [0x82E47247]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseMutant [0x82E3F9CD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseSemaphore [0x82E29C4F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseWorkerFactoryWorker [0x82C9A068]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRemoveIoCompletion [0x82E1CB8D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRemoveIoCompletionEx [0x82E17B8D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRemoveProcessDebug [0x82EC4E05]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRenameKey [0x82EB2ECB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRenameTransactionManager [0x82F0AEEE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplaceKey [0x82EB2A18]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplacePartitionUnit [0x82CF308F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyPort [0x82E07B51]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReceivePort [0x82E4F73C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReceivePortEx [0x82E4F2BF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReplyPort [0x82EE0C51]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestPort [0x82E975AB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResetEvent [0x82DF2F9A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResetWriteWatch [0x82D019C8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRestoreKey [0x82EA8A82]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResumeProcess [0x82EF4B25]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResumeThread [0x82E874D2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollbackComplete [0x82F09946]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollbackEnlistment [0x82F094F6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollbackTransaction [0x82DBCD18]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollforwardTransactionManager [0x82F0B050]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveKey [0x82EAA2F4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveKeyEx [0x82EA9A9A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveMergedKeys [0x82EB1D3B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSecureConnectPort [0x82E74F3A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSerializeBoot [0x82DA1F8D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetBootEntryOrder [0x82F1BFB1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetBootOptions [0x82F1C49D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDebugFilterState [0x82D879BD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultHardErrorPort [0x82DA593E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultLocale [0x82DB9D7D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultUILanguage [0x82DBA2EC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDriverEntryOrder [0x82F1CF2B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEaFile [0x82ECEF8C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEvent [0x82E40838]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEventBoostPriority [0x82F1A3EF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetHighEventPair [0x82F21779]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetHighWaitLowEventPair [0x82F216AB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationDebugObject [0x82EC553D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationEnlistment [0x82F090F6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationFile [0x82E6D93A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationJobObject [0x82E12DE2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationKey [0x82EB252D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationObject [0x82E1F413]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationProcess [0x82E4F75D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationResourceManager [0x82F0AB26]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationThread [0x82E80C36]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationToken [0x82E1A87F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationTransaction [0x82F0A458]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationTransactionManager [0x82F0B115]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationWorkerFactory [0x82CC3671]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetIntervalProfile [0x82F2218C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetIoCompletion [0x82DFAC96]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetIoCompletionEx [0x82ECE03A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLdtEntries [0x82EF5F3F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLowEventPair [0x82F21716]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLowWaitHighEventPair [0x82F21640]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetQuotaInformationFile [0x82ECFB0D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemEnvironmentValue [0x82F1AC03]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemEnvironmentValueEx [0x82F1B215]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemInformation [0x82E6523C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemPowerState [0x82F38E4A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemTime [0x82EA6FEE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetThreadExecutionState [0x82EADCCB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetTimer [0x82C9A192]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetTimerEx [0x82CAC888]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetTimerResolution [0x82E07C52]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetUuidSeed [0x82DA9380]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetValueKey [0x82E21526]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetVolumeInformationFile [0x82ECFB27]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwShutdownSystem [0x82F198D3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwShutdownWorkerFactory [0x82E29A9C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSignalAndWaitForSingleObject [0x82CE43CE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSinglePhaseReject [0x82F097D6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwStartProfile [0x82F21EC8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwStopProfile [0x82F220BF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSuspendProcess [0x82EF4AC7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSuspendThread [0x82EABFAB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTerminateJobObject [0x82E09483]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTerminateThread [0x82E8F4AB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTestAlert [0x82E86C81]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwThawRegistry [0x82CEA41F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwThawTransactions [0x82F0A78E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTraceControl [0x82E66B09]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTraceEvent [0x82CDDAB2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTranslateFilePath [0x82F1D12F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUmsThreadYield [0x82EE0917]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadDriver [0x82ED037B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadKey [0x82E9F681]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadKey2 [0x82E9F69B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadKeyEx [0x82EB1ED3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnlockFile [0x82E1CFAE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnlockVirtualMemory [0x82C33B17]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnmapViewOfSection [0x82E7B7BA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwVdmControl [0x82F0EA87]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForDebugEvent [0x82EC505B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForKeyedEvent [0x82E46F70]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForMultipleObjects [0x82E3F58F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForMultipleObjects32 [0x82EEAAD0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForSingleObject [0x82E3EC41]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForWorkViaWorkerFactory [0x82C99BF1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitHighEventPair [0x82F215D7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitLowEventPair [0x82F2156E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWorkerFactoryWorkerReady [0x82CD3EA7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteFile [0x82E860B2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteFileGather [0x82DB6393]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteRequestData [0x82EE0AF2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteVirtualMemory [0x82E7689A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwYieldExecution [0x82C41C45]

INT 0x00 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C54670
INT 0x01 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C54800
INT 0x03 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C54C70
INT 0x04 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C54DF8
INT 0x05 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C54F58
INT 0x06 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C550CC
INT 0x07 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C556C8
INT 0x09 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C55B28
INT 0x0A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C55C4C
INT 0x0B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C55D8C
INT 0x0C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C55FEC
INT 0x0D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C562DC
INT 0x0E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C569AC
INT 0x0F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x10 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56E84
INT 0x11 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56FC4
INT 0x13 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C57130
INT 0x14 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x15 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x16 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x17 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x18 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x19 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x1A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x1B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x1C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x1D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x1E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83042AF8
INT 0x2A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53CEA
INT 0x2B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53E70
INT 0x2C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53FAC
INT 0x2D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C54B48
INT 0x2E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5369E
INT 0x2F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C56D60
INT 0x30 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52D60
INT 0x31 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52D6A
INT 0x32 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52D74
INT 0x33 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52D7E
INT 0x34 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52D88
INT 0x35 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52D92
INT 0x36 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52D9C
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83042104
INT 0x38 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52DB0
INT 0x39 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52DBA
INT 0x3A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52DC4
INT 0x3B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52DCE
INT 0x3C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52DD8
INT 0x3D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52DE2
INT 0x3E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52DEC
INT 0x3F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52DF6
INT 0x40 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E00
INT 0x41 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E0A
INT 0x42 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E14
INT 0x43 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E1E
INT 0x44 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E28
INT 0x45 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E32
INT 0x46 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E3C
INT 0x47 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E46
INT 0x48 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E50
INT 0x49 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E5A
INT 0x4A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E64
INT 0x4B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E6E
INT 0x4C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E78
INT 0x4D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E82
INT 0x4E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E8C
INT 0x4F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52E96
INT 0x50 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52EA0
INT 0x52 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52EB4
INT 0x53 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52EBE
INT 0x54 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52EC8
INT 0x55 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52ED2
INT 0x56 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52EDC
INT 0x57 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52EE6
INT 0x58 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52EF0
INT 0x59 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52EFA
INT 0x5A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F04
INT 0x5B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F0E
INT 0x5C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F18
INT 0x5D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F22
INT 0x5E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F2C
INT 0x5F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F36
INT 0x60 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F40
INT 0x62 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F54
INT 0x63 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F5E
INT 0x64 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F68
INT 0x65 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F72
INT 0x66 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F7C
INT 0x67 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F86
INT 0x68 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F90
INT 0x69 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52F9A
INT 0x6A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52FA4
INT 0x6B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52FAE
INT 0x6C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52FB8
INT 0x6D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52FC2
INT 0x6E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52FCC
INT 0x6F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52FD6
INT 0x70 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52FE0
INT 0x72 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52FF4
INT 0x73 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C52FFE
INT 0x74 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53008
INT 0x75 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53012
INT 0x76 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5301C
INT 0x77 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53026
INT 0x78 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53030
INT 0x79 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5303A
INT 0x7A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53044
INT 0x7B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5304E
INT 0x7C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53058
INT 0x7D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53062
INT 0x7E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5306C
INT 0x7F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53076
INT 0x80 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53080
INT 0x81 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5308A
INT 0x82 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53094
INT 0x83 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5309E
INT 0x84 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C530A8
INT 0x85 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C530B2
INT 0x86 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C530BC
INT 0x87 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C530C6
INT 0x88 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C530D0
INT 0x89 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C530DA
INT 0x8A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C530E4
INT 0x8B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C530EE
INT 0x8C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C530F8
INT 0x8D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53102
INT 0x8E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5310C
INT 0x8F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53116
INT 0x91 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5312A
INT 0x93 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5313E
INT 0x94 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53148
INT 0x95 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53152
INT 0x96 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5315C
INT 0x97 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53166
INT 0x98 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53170
INT 0x99 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5317A
INT 0x9A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53184
INT 0x9B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5318E
INT 0x9C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53198
INT 0x9D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C531A2
INT 0x9E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C531AC
INT 0x9F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C531B6
INT 0xA1 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C531CA
INT 0xA3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C531DE
INT 0xA4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C531E8
INT 0xA5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C531F2
INT 0xA6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C531FC
INT 0xA7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53206
INT 0xA8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53210
INT 0xA9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5321A
INT 0xAA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53224
INT 0xAB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5322E
INT 0xAC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53238
INT 0xAD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53242
INT 0xAE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5324C
INT 0xAF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53256
INT 0xB3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5327E
INT 0xB4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53288
INT 0xB5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53292
INT 0xB6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5329C
INT 0xB7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C532A6
INT 0xB8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C532B0
__________________

Alt 19.02.2013, 23:40   #4
trampeltier
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



GMER TEIL 2


INT 0xB9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C532BA
INT 0xBA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C532C4
INT 0xBB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C532CE
INT 0xBC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C532D8
INT 0xBD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C532E2
INT 0xBE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C532EC
INT 0xBF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C532F6
INT 0xC0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53300
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830423F4
INT 0xC2 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53314
INT 0xC3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5331E
INT 0xC4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53328
INT 0xC5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53332
INT 0xC6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5333C
INT 0xC7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53346
INT 0xC8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53350
INT 0xC9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5335A
INT 0xCA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53364
INT 0xCB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5336E
INT 0xCC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53378
INT 0xCD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53382
INT 0xCE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5338C
INT 0xCF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53396
INT 0xD0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C533A0
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302A634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302A898
INT 0xD3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C533BE
INT 0xD4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C533C8
INT 0xD5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C533D2
INT 0xD6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C533DC
INT 0xD7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C533E6
INT 0xD8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C533F0
INT 0xD9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C533FA
INT 0xDA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53404
INT 0xDB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5340E
INT 0xDC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53418
INT 0xDD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53422
INT 0xDE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5342C
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830421DC
INT 0xE0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53440
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83042958
INT 0xE2 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53454
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830426F8
INT 0xE4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53468
INT 0xE5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53472
INT 0xE6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5347C
INT 0xE7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53486
INT 0xE8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53490
INT 0xE9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5349A
INT 0xEA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534A4
INT 0xEB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534AE
INT 0xEC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534B8
INT 0xED \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534C2
INT 0xEE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534C9
INT 0xEF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534D0
INT 0xF0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534D7
INT 0xF1 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534DE
INT 0xF2 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534E5
INT 0xF3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534EC
INT 0xF4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534F3
INT 0xF5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C534FA
INT 0xF6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53501
INT 0xF7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53508
INT 0xF8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5350F
INT 0xF9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53516
INT 0xFA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5351D
INT 0xFB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53524
INT 0xFC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C5352B
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83042F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830431A8
INT 0xFF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82C53540

SYSENTER \SystemRoot\system32\ntkrnlpa.exe 82C53770

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!RtlPrefetchMemoryNonTemporal 82C50508 1 Byte [90]
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82C539E9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C8D1C2 1 Byte [E0]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C8D1C2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KiDispatchInterrupt + 5B7 82C8D1D7 1 Byte [D9]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5BF 82C8D1DF 1 Byte [00]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82C9430C 4 Bytes [C6, 82, C6, 91]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 82C94668 4 Bytes [D0, 82, C6, 91]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 82C946AC 4 Bytes [CB, 82, C6, 91] {RETF ; ADD DH, 0x91}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1613 82C94728 4 Bytes [D5, 82, C6, 91]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1667 82C9477C 4 Bytes JMP C682DA82
.text ...
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x93626000, 0x38E905, 0xE8000020]
.text peauth.sys 9D80DC9D 28 Bytes [0F, AE, 6D, C4, C8, 85, AF, ...]
.text peauth.sys 9D80DCC1 28 Bytes [0F, AE, 6D, C4, C8, 85, AF, ...]
PAGE peauth.sys 9D813B9B 72 Bytes CALL 8D10E21D
PAGE peauth.sys 9D813BEC 20 Bytes [90, FF, B1, 92, D2, 83, F4, ...]
PAGE peauth.sys 9D813C01 90 Bytes [4D, 53, 5D, 5B, 73, C3, 0E, ...]
PAGE ...

---- User code sections - GMER 2.1 ----

UPX1 C:\Users\Mirko\Desktop\GMER_2.1.18952.exe[4420] C:\Users\Mirko\Desktop\GMER_2.1.18952.exe entry point in "UPX1" section [0x004D8CF0]

---- Devices - GMER 2.1 ----

Device \FileSystem\Ntfs \Ntfs Ntfs.sys (NT-Dateisystemtreiber/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs Ntfs.sys (NT-Dateisystemtreiber/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \
Device \Driver\KSecDD \Device\KsecDD ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation)
Device \Driver\KSecDD \Device\KsecDD ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\NDIS \Device\Ndis ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \FileSystem\srvnet \Device\SrvNet srvnet.sys (Server Network driver/Microsoft Corporation)
Device \Driver\Beep \Device\Beep Beep.SYS (BEEP Driver/Microsoft Corporation)
Device \Driver\Beep \Device\Beep ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WudfPf \Device\WUDFLpcDevice WudfPf.sys (Windows Driver Foundation - User-mode Driver Framework Platform Driver/Microsoft Corporation)
Device \Device\00000032
Device \Device\00000025
Device \Device\00000019
Device \Driver\NdisWan \Device\NDMP10 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\RasAgileVpn \Device\AgileVPN ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \FileSystem\NetBIOS \Device\Netbios netbios.sys (NetBIOS interface driver/Microsoft Corporation)
Device \FileSystem\NetBIOS \Device\Netbios ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000033
Device \Device\00000026
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy1 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\NdisWan \Device\NDMP11 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000040 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000040 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000040 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000034
Device \Device\00000027
Device \Driver\RasPppoe \Device\NDMP12 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\kbdclass \Device\KeyboardClass0 kbdclass.sys (Tastaturklassentreiber/Microsoft Corporation)
Device \Driver\kbdclass \Device\KeyboardClass0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)

Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy2 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\RDPCDD \Device\Video0 VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation)
Device \Driver\RDPCDD \Device\Video0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000041 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000041 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000041 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Wdf01000 \Device\KMDF0 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
Device \Driver\Wdf01000 \Device\KMDF0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIAdminDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIAdminDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIAdminDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000035
Device \Device\00000028
Device \Driver\PptpMiniport \Device\NDMP13 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\kbdclass \Device\KeyboardClass1 kbdclass.sys (Tastaturklassentreiber/Microsoft Corporation)
Device \Driver\kbdclass \Device\KeyboardClass1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)

Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy3 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\volmgr \Device\VolMgrControl volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\VolMgrControl ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\RDPENCDD \Device\Video1 VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation)
Device \Driver\RDPENCDD \Device\Video1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WudfPf \Device\ProcessManagement WudfPf.sys (Windows Driver Foundation - User-mode Driver Framework Platform Driver/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000042 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000042 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000042 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\NDProxy \Device\NDProxy NDProxy.SYS (NDIS Proxy/Microsoft Corporation)
Device \Driver\NDProxy \Device\NDProxy ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000036
Device \Device\00000029
Device \Driver\RasSstp \Device\NDMP14 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\RasSstp \Device\NDMP14 rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy4 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000043 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000043 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000043 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\srvnet \Device\SrvAdmin srvnet.sys (Server Network driver/Microsoft Corporation)
Device \Driver\RDPREFMP \Device\Video2 VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation)
Device \Driver\RDPREFMP \Device\Video2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\mouclass \Device\PointerClass0 mouclass.sys (Mausklassentreiber/Microsoft Corporation)
Device \Driver\mouclass \Device\PointerClass0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000050 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Device\00000037
Device \Device\0000000a
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy5 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Device\Video3
Device \Driver\usbohci \Device\USBPDO-0 USBPORT.SYS (USB 1.1 & 2.0-Porttreiber/Microsoft Corporation)
Device \Driver\usbohci \Device\USBPDO-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Compbatt \Device\CompositeBattery compbatt.sys (Composite Battery Driver/Microsoft Corporation)
Device \Driver\Compbatt \Device\CompositeBattery ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\mouclass \Device\PointerClass1 mouclass.sys (Mausklassentreiber/Microsoft Corporation)
Device \Driver\mouclass \Device\PointerClass1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000051
Device \Driver\PnpManager \Device\00000044 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000044 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000044 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000038
Device \Device\0000000b
Device \Driver\amdkmdap \Device\Video4 dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation)
Device \Driver\amdkmdap \Device\Video4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{D3156275-8015-44D0-A85D-FA8B3ADB0E69} netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{D3156275-8015-44D0-A85D-FA8B3ADB0E69} ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\tunnel \Device\TeredoTun ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy6 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000045 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000045 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000045 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\spldr \Device\SPDevice spldr.sys (loader for security processor/Microsoft Corporation)
Device \Driver\spldr \Device\SPDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-1 USBPORT.SYS (USB 1.1 & 2.0-Porttreiber/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\avkmgr
Device \Driver\ACPI \Device\00000052 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000039 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000039 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000039 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\0000000c
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy7 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\PEAUTH \Device\PEAuth Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
Device \Driver\amdkmdap \Device\Video5 dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation)
Device \Driver\amdkmdap \Device\Video5 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbohci \Device\USBPDO-2 USBPORT.SYS (USB 1.1 & 2.0-Porttreiber/Microsoft Corporation)
Device \Driver\usbohci \Device\USBPDO-2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\amdkmdag \Device\amdkmdag atikmdag.sys (ATI Radeon Kernel Mode Driver/ATI Technologies Inc.)
Device \Driver\amdkmdag \Device\amdkmdag ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\amdkmdag \Device\amdkmdag atikmdag.sys (ATI Radeon Kernel Mode Driver/ATI Technologies Inc.)
Device \Device\00000053
Device \Device\NTPNP_PCI0000
Device \Driver\PnpManager \Device\00000046 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000046 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000046 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\0000001a
Device \Device\0000000d
Device \Driver\ugtyipoc \Device\ugtyipoc ugtyipoc.sys
Device \Driver\ugtyipoc \Device\ugtyipoc ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0001 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0001 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy8 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\ACPI \Device\00000060 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Device\MPS
Device \Driver\vwififlt \Device\vwififlt ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-3 USBPORT.SYS (USB 1.1 & 2.0-Porttreiber/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000047 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000047 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000047 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000054
Device \Device\0000001b
Device \Device\0000000e
Device \Driver\ACPI \Device\00000061 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy9 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-4 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Psched \Device\Psched ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Device\00000055
Device \Driver\pci \Device\NTPNP_PCI0002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0002 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000048 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000048 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Device\0000001c
Device \Device\0000000f
Device \Driver\tdx \Device\Tcp tdx.sys (TDI Translation Driver/Microsoft Corporation)
Device \Driver\tdx \Device\Tcp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\DfsC \Device\DfsClient dfsc.sys (DFS Namespace Client Driver/Microsoft Corporation)
Device \FileSystem\DfsC \Device\DfsClient ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000062 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Device\00000056
Device \Device\NTPNP_PCI0010
Device \Device\NTPNP_PCI0003
Device \Device\00000049
Device \Device\0000001d
Device \Driver\amd_sata \Device\00000063 storport.sys (Microsoft Storage Port Driver/Microsoft Corporation)
Device \Driver\amd_sata \Device\00000063 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000070
Device \Driver\usbhub \Device\USBPDO-6 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Tcpip \Device\eQoS tcpip.sys (TCP/IP-Treiber/Microsoft Corporation)
Device \Driver\Tcpip \Device\eQoS ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000057
Device \Driver\pci \Device\NTPNP_PCI0011 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0011 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Device\NTPNP_PCI0004
Device \Device\0000002a
Device \Device\0000001e
Device \Driver\volmgr \Device\HarddiskVolume1 volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Device\Http\ReqQueue
Device \Device\Http\Communication
Device \Driver\amdkmdap \Device\00000071 dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation)
Device \Driver\amdkmdap \Device\00000071 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\tunnel \Device\NDMP1 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\ACPI \Device\00000058 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0012 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0012 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0005 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0005 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Device\i Device \Device\i Device \Device\i Device \Device\i Device \Device\i Device \Device\i Device \Device\i Device \Device\i
Device \Driver\volmgr \Device\HarddiskVolume2 volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\tunnel \Device\NDMP2 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\RSUSBSTOR \Device\00000072 RtsUStor.sys (Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Realtek Semiconductor Corp.)
Device \Driver\RSUSBSTOR \Device\00000072 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\amdiox86 \Device\00000065 amdiox86.sys (AMD IO Driver/Advanced Micro Devices)
Device \Driver\amdiox86 \Device\00000065 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\blbdrive \Device\BlbControl blbdrive.sys (BLB Drive Driver/Microsoft Corporation)
Device \FileSystem\rdbss \Device\FsWrap rdbss.sys (Subsystemtreiber für Pufferung des umgeleiteten Laufwerks/Microsoft Corporation)
Device \FileSystem\rdbss \Device\FsWrap ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\TermDD \Device\Termdd termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0006 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0006 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume3 volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\NetBT \Device\NetBT_Tcpip_{73E1F7B2-6AE0-4179-8B6B-6E74821D4D3D} netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{73E1F7B2-6AE0-4179-8B6B-6E74821D4D3D} ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\tunnel \Device\NDMP3 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\RSUSBSTOR \Device\00000073 RtsUStor.sys (Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Realtek Semiconductor Corp.)
Device \Driver\RSUSBSTOR \Device\00000073 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000066 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000066 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\tdx \Device\RawIp6 tdx.sys (TDI Translation Driver/Microsoft Corporation)
Device \Driver\tdx \Device\RawIp6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0007 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0007 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{62D10511-3169-4EF7-B43A-C72FE57F320E} netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{62D10511-3169-4EF7-B43A-C72FE57F320E} ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\tunnel \Device\NDMP4 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\RSUSBSTOR \Device\00000074 RtsUStor.sys (Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Realtek Semiconductor Corp.)
Device \Driver\RSUSBSTOR \Device\00000074 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000067 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000067 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\CNG \Device\CNG cng.sys (Kernel Cryptography, Next Generation/Microsoft Corporation)
Device \Driver\CNG \Device\CNG ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0008 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0008 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\L1C \Device\NDMP5 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\usbhub \Device\00000068 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000068 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo0 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0022 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0022 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0009 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0009 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003c ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003c ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003c ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\athr \Device\NDMP6 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy10 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\secdrv \Device\Secdrv secdrv.SYS (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
Device \Driver\secdrv \Device\Secdrv ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0023 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0023 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\usbhub \Device\00000069 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000069 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\tdx \Device\Tcp6 tdx.sys (TDI Translation Driver/Microsoft Corporation)
Device \Driver\tdx \Device\Tcp6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo10 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo1 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003d ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003d ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003d ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\RasAgileVpn \Device\NDMP7 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBt_Wins_Export netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBt_Wins_Export ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy11 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo11 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo2 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003e ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003e ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003e ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy12 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\Tcpip \Device\WFP tcpip.sys (TCP/IP-Treiber/Microsoft Corporation)
Device \Driver\Tcpip \Device\WFP ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo12 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo3 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\0000004b ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy13 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\NdisWan \Device\NDMP9 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\NativeWifiP \Device\nativewifip ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo13 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo4 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy14 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo14 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo5 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\0000004d ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\mountmgr \Device\MountPointManager mountmgr.sys (Bereitstellungspunkt-Manager/Microsoft Corporation)
Device \Driver\mountmgr \Device\MountPointManager ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\tdx \Device\Tdx tdx.sys (TDI Translation Driver/Microsoft Corporation)
Device \Driver\tdx \Device\Tdx ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy15 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\ssmdrv \Device\ssmctl ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH)
Device \Driver\ssmdrv \Device\ssmctl ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo15 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo6 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\0000004e ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \FileSystem\Mup \Device\Mup mup.sys (Multiple UNC Provider Driver/Microsoft Corporation)
Device \Driver\nsiproxy \Device\Nsi nsiproxy.sys (NSI Proxy/Microsoft Corporation)
Device \Driver\amd_sata \Device\RaidPort0 storport.sys (Microsoft Storage Port Driver/Microsoft Corporation)
Device \Driver\amd_sata \Device\RaidPort0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy16 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \FileSystem\srv \Device\LanmanServer srv.sys (Server driver/Microsoft Corporation)
Device \FileSystem\srv2 \Device\Srv2 srv2.sys (Smb 2.0 Server driver/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo7 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\Wanarpv6 \Device\WANARP wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation)
Device \Driver\partmgr \Device\PartmgrControl partmgr.sys (Partition Management Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\0000004f ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\tdx \Device\Udp tdx.sys (TDI Translation Driver/Microsoft Corporation)
Device \Driver\tdx \Device\Udp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy17 volsnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo8 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk0\DR0 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk0\DR0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\tdx \Device\RawIp tdx.sys (TDI Translation Driver/Microsoft Corporation)
Device \Driver\tdx \Device\RawIp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Ndisuio \Device\WwanProt ndisuio.sys (E/A-Treiber für NDIS-Benutzermodus/Microsoft Corporation)
Device \Driver\Ndisuio \Device\WwanProt ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005e ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\TermDD \Device\RemoteVideo9 termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000001 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000001 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000001 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005f ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\Wanarpv6 \Device\WANARPV6 wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Null \Device\Null Null.SYS (NULL Driver/Microsoft Corporation)
Device \Driver\Null \Device\Null ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-0 USBPORT.SYS (USB 1.1 & 2.0-Porttreiber/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\SynTP \Device\0000006c Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000003 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000003 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000003 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Tcpip \Device\NXTIPSEC tcpip.sys (TCP/IP-Treiber/Microsoft Corporation)
Device \Driver\Tcpip \Device\NXTIPSEC ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-1 USBPORT.SYS (USB 1.1 & 2.0-Porttreiber/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000004 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000004 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000004 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\bowser \Device\LanmanDatagramReceiver bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation)
Device \Driver\secdrv \Device\AscKmd secdrv.SYS (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
Device \Driver\secdrv \Device\AscKmd ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\NdisWan \Device\NdisWan ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\NdisTapi \Device\NdisTapi ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation)
Device \Driver\NdisTapi \Device\NdisTapi ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\tdx \Device\Udp6 tdx.sys (TDI Translation Driver/Microsoft Corporation)
Device \Driver\tdx \Device\Udp6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-2 USBPORT.SYS (USB 1.1 & 2.0-Porttreiber/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\DXGKrnl \Device\DxgKrnl dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation)
Device \Driver\DXGKrnl \Device\DxgKrnl ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbccgp \Device\0000006f usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation)
Device \Driver\usbccgp \Device\0000006f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-3 USBPORT.SYS (USB 1.1 & 2.0-Porttreiber/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000006 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000006 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000006 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Npfs \Device\NamedPipe Npfs.SYS (NPFS Driver/Microsoft Corporation)
Device \FileSystem\Npfs \Device\NamedPipe ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\umbus \Device\0000007d Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000007 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000007 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000007 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Msfs \Device\Mailslot Msfs.SYS (Mailslot driver/Microsoft Corporation)
Device \FileSystem\Msfs \Device\Mailslot ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\umbus \Device\0000007e Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
Device \Driver\L1C \Device\Oceanus.00 ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000008 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000008 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000008 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\FileInfo \Device\FileInfo fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation)
Device \FileSystem\FileInfo \Device\FileInfo ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\AFD \Device\Afd afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation)
Device \Driver\Ndisuio \Device\Ndisuio ndisuio.sys (E/A-Treiber für NDIS-Benutzermodus/Microsoft Corporation)
Device \Driver\Ndisuio \Device\Ndisuio ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\RasSstp \Device\SstpDrv ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)
Device \Driver\RasSstp \Device\SstpDrv rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pcw \Device\PcwDrv pcw.sys (Performance Counters for Windows Driver/Microsoft Corporation)
Device \Driver\pcw \Device\PcwDrv ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Tcpip \Device\WfpAle tcpip.sys (TCP/IP-Treiber/Microsoft Corporation)
Device \Driver\Tcpip \Device\WfpAle ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\avipbb \Device\avipbb avipbb.sys (Avira Driver for Security Enhancement/Avira Operations GmbH & Co. KG)
Device \Driver\avipbb \Device\avipbb ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\rdyboost \Device\RdyBoost rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
Device \Driver\Tcpip \Device\IPSECDOSP tcpip.sys (TCP/IP-Treiber/Microsoft Corporation)
Device \Driver\Tcpip \Device\IPSECDOSP ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\ExFatRecognizer Fs_Rec.sys (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\ExFatRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer Fs_Rec.sys (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\avgntflt \FileSystem\Filters\avgntflt avgntflt.sys (Avira Minifilter Driver/Avira Operations GmbH & Co. KG)
Device \FileSystem\Filters\FltMgrMsg
Device \FileSystem\FltMgr \FileSystem\Filters\FltMgr fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer Fs_Rec.sys (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer Fs_Rec.sys (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer Fs_Rec.sys (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer Fs_Rec.sys (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

---- Modules - GMER 2.1 ----

Module \SystemRoot\system32\ntkrnlpa.exe(2013-02-14 10:06:46) 82C16000-83028000 (4268032 bytes)
Module \SystemRoot\system32\halmacpi.dll(2010-11-20 21:29:19) 83028000-8305F000 (225280 bytes)
Module \SystemRoot\system32\kdcom.dll(2009-07-13 23:11:06) 80BCB000-80BD3000 (32768 bytes)
Module \SystemRoot\system32\mcupdate_AuthenticAMD.dll(2009-07-13 23:13:13) 8322C000-83237000 (45056 bytes)
Module \SystemRoot\system32\PSHED.dll(2009-07-13 23:11:00) 83237000-83248000 (69632 bytes)
Module \SystemRoot\system32\BOOTVID.dll(2009-07-13 23:11:04) 83248000-83250000 (32768 bytes)
Module \SystemRoot\system32\CLFS.SYS(2009-07-13 23:11:11) 83250000-83292000 (270336 bytes)
Module \SystemRoot\system32\CI.dll(2010-11-20 21:29:11) 83292000-8333D000 (700416 bytes)
Module \SystemRoot\system32\drivers\Wdf01000.sys(2009-07-13 23:11:47) 8333D000-833AE000 (462848 bytes)
Module \SystemRoot\system32\drivers\WDFLDR.SYS(2009-07-13 23:11:25) 833AE000-833BC000 (57344 bytes)
Module \SystemRoot\system32\drivers\ACPI.sys(2010-11-20 21:29:03) 8C22C000-8C274000 (294912 bytes)
Module \SystemRoot\system32\drivers\WMILIB.SYS(2009-07-13 23:11:22) 8C274000-8C27D000 (36864 bytes)
Module \SystemRoot\system32\drivers\msisadrv.sys(2009-07-13 23:11:09) 8C27D000-8C285000 (32768 bytes)
Module \SystemRoot\system32\drivers\pci.sys(2010-11-20 21:29:03) 8C285000-8C2AF000 (172032 bytes)
Module \SystemRoot\system32\drivers\vdrvroot.sys(2009-07-13 23:46:20) 8C2AF000-8C2BA000 (45056 bytes)
Module \SystemRoot\System32\drivers\partmgr.sys(2013-02-14 10:06:07) 8C2BA000-8C2CB000 (69632 bytes)
Module \SystemRoot\system32\DRIVERS\compbatt.sys(2009-07-13 23:19:18) 8C2CB000-8C2D3000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\BATTC.SYS(2009-07-13 23:19:15) 8C2D3000-8C2DE000 (45056 bytes)
Module \SystemRoot\system32\drivers\volmgr.sys(2010-11-20 21:29:03) 8C2DE000-8C2EE000 (65536 bytes)
Module \SystemRoot\System32\drivers\volmgrx.sys(2009-07-13 23:11:42) 8C2EE000-8C339000 (307200 bytes)
Module \SystemRoot\System32\drivers\mountmgr.sys(2010-11-20 21:29:11) 8C339000-8C34F000 (90112 bytes)
Module \SystemRoot\system32\drivers\amd_sata.sys(2011-08-30 11:51:55) 8C34F000-8C362000 (77824 bytes)
Module \SystemRoot\system32\drivers\storport.sys(2013-02-13 02:05:33) 8C362000-8C3AA000 (294912 bytes)
Module \SystemRoot\system32\drivers\amd_xata.sys(2011-08-30 11:51:55) 8C3AA000-8C3B5000 (45056 bytes)
Module \SystemRoot\system32\drivers\amdsata.sys(2013-02-13 02:05:35) 8C3B5000-8C3CC000 (94208 bytes)
Module \SystemRoot\system32\drivers\amdxata.sys(2013-02-13 02:05:35) 8C3CC000-8C3D5000 (36864 bytes)
Module \SystemRoot\system32\drivers\fltmgr.sys(2009-07-13 23:11:14) 833BC000-833F0000 (212992 bytes)
Module \SystemRoot\system32\drivers\fileinfo.sys(2009-07-13 23:21:52) 8C3D5000-8C3E6000 (69632 bytes)
Module \SystemRoot\System32\Drivers\Ntfs.sys(2013-02-13 02:05:33) 8C426000-8C555000 (1241088 bytes)
Module \SystemRoot\System32\Drivers\msrpc.sys(2009-07-13 23:12:02) 8C555000-8C580000 (176128 bytes)
Module \SystemRoot\System32\Drivers\ksecdd.sys(2013-02-14 10:06:52) 8C580000-8C593000 (77824 bytes)
Module \SystemRoot\System32\Drivers\cng.sys(2013-02-14 10:06:52) 8C593000-8C5F0000 (380928 bytes)
Module \SystemRoot\System32\drivers\pcw.sys(2009-07-13 23:11:11) 8C5F0000-8C5FE000 (57344 bytes)
Module \SystemRoot\System32\Drivers\Fs_Rec.sys(2013-02-14 14:38:45) 8C400000-8C409000 (36864 bytes)
Module \SystemRoot\system32\drivers\ndis.sys(2010-11-20 21:29:12) 8C633000-8C6EA000 (749568 bytes)
Module \SystemRoot\system32\drivers\NETIO.SYS(2013-02-14 10:06:50) 8C6EA000-8C728000 (253952 bytes)
Module \SystemRoot\System32\Drivers\ksecpkg.sys(2013-02-14 10:06:52) 8C728000-8C74D000 (151552 bytes)
Module \SystemRoot\System32\drivers\tcpip.sys(2013-02-14 10:06:50) 8C808000-8C954000 (1359872 bytes)
Module \SystemRoot\System32\drivers\fwpkclnt.sys(2013-02-14 10:06:49) 8C954000-8C985000 (200704 bytes)
Module \SystemRoot\system32\drivers\volsnap.sys(2010-11-20 21:29:03) 8C985000-8C9C4000 (258048 bytes)
Module \SystemRoot\System32\Drivers\spldr.sys(2009-07-13 20:34:43) 8C9C4000-8C9CC000 (32768 bytes)
Module \SystemRoot\System32\drivers\rdyboost.sys(2010-11-20 21:29:24) 8C9CC000-8C9F9000 (184320 bytes)
Module \SystemRoot\System32\Drivers\mup.sys(2009-07-13 23:14:15) 8C74D000-8C75D000 (65536 bytes)
Module \SystemRoot\System32\drivers\hwpolicy.sys(2010-11-20 21:29:04) 8C800000-8C808000 (32768 bytes)
Module \SystemRoot\System32\DRIVERS\fvevol.sys(2010-11-20 21:29:26) 8C75D000-8C78F000 (204800 bytes)
Module \SystemRoot\system32\drivers\disk.sys(2009-07-13 23:11:28) 8C78F000-8C7A0000 (69632 bytes)
Module \SystemRoot\system32\drivers\CLASSPNP.SYS(2009-07-13 23:11:21) 8C7A0000-8C7C5000 (151552 bytes)
Module \SystemRoot\System32\Drivers\Null.SYS(2009-07-13 23:11:12) 8C9F9000-8CA00000 (28672 bytes)
Module \SystemRoot\System32\Drivers\Beep.SYS(2009-07-13 23:45:01) 8C600000-8C607000 (28672 bytes)
Module \SystemRoot\System32\drivers\vga.sys(2009-07-13 23:25:51) 8C607000-8C613000 (49152 bytes)
Module \SystemRoot\System32\drivers\VIDEOPRT.SYS(2009-07-13 23:25:51) 8C200000-8C221000 (135168 bytes)
Module \SystemRoot\System32\drivers\watchdog.sys(2009-07-13 23:24:11) 8C613000-8C620000 (53248 bytes)
Module \SystemRoot\System32\DRIVERS\RDPCDD.sys(2010-11-20 21:29:12) 8C620000-8C628000 (32768 bytes)
Module \SystemRoot\system32\drivers\rdpencdd.sys(2009-07-14 00:01:39) 8C628000-8C630000 (32768 bytes)
Module \SystemRoot\system32\drivers\rdprefmp.sys(2009-07-14 00:01:41) 8C409000-8C411000 (32768 bytes)
Module \SystemRoot\System32\Drivers\Msfs.SYS(2009-07-13 23:11:26) 8C411000-8C41C000 (45056 bytes)
Module \SystemRoot\System32\Drivers\Npfs.SYS(2009-07-13 23:11:32) 8C3E6000-8C3F4000 (57344 bytes)
Module \SystemRoot\system32\DRIVERS\tdx.sys(2010-11-20 21:29:07) 83200000-83217000 (94208 bytes)
Module \SystemRoot\system32\DRIVERS\TDI.SYS(2010-11-20 21:29:12) 8C3F4000-8C400000 (49152 bytes)

Alt 19.02.2013, 23:41   #5
trampeltier
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



GMER TEIL 3



Module \SystemRoot\System32\DRIVERS\netbt.sys(2010-11-20 21:29:08) 92214000-92246000 (204800 bytes)
Module \SystemRoot\system32\drivers\afd.sys(2013-02-14 09:57:16) 92246000-922A0000 (368640 bytes)
Module \SystemRoot\system32\DRIVERS\wfplwf.sys(2009-07-13 23:53:51) 922A0000-922A7000 (28672 bytes)
Module \SystemRoot\system32\DRIVERS\pacer.sys(2009-07-13 23:53:58) 922A7000-922C6000 (126976 bytes)
Module \SystemRoot\system32\DRIVERS\vwififlt.sys(2009-07-13 23:52:04) 922C6000-922D7000 (69632 bytes)
Module \SystemRoot\system32\DRIVERS\netbios.sys(2009-07-13 23:53:54) 922D7000-922E5000 (57344 bytes)
Module \SystemRoot\system32\DRIVERS\wanarp.sys(2010-11-20 21:29:20) 922E5000-922F8000 (77824 bytes)
Module \SystemRoot\system32\DRIVERS\termdd.sys(2010-11-20 21:29:03) 922F8000-92309000 (69632 bytes)
Module \SystemRoot\system32\DRIVERS\ssmdrv.sys(2013-02-13 08:50:45) 92309000-9230F000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\rdbss.sys(2010-11-20 21:29:19) 9230F000-92350000 (266240 bytes)
Module \SystemRoot\system32\drivers\nsiproxy.sys(2009-07-13 23:12:08) 92350000-9235A000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\mssmbios.sys(2009-07-13 23:19:26) 9235A000-92364000 (40960 bytes)
Module \SystemRoot\System32\drivers\discache.sys(2009-07-13 23:24:05) 92364000-92370000 (49152 bytes)
Module \SystemRoot\System32\Drivers\dfsc.sys(2010-11-20 21:29:07) 92370000-92388000 (98304 bytes)
Module \SystemRoot\system32\DRIVERS\blbdrive.sys(2009-07-13 23:23:04) 92388000-92396000 (57344 bytes)
Module \SystemRoot\system32\DRIVERS\avkmgr.sys(2013-02-13 08:50:34) 92396000-923A2000 (49152 bytes)
Module \SystemRoot\system32\DRIVERS\avipbb.sys(2013-02-13 08:50:33) 923A2000-923C5000 (143360 bytes)
Module \SystemRoot\system32\DRIVERS\tunnel.sys(2010-11-20 21:29:20) 923C5000-923E6000 (135168 bytes)
Module \SystemRoot\system32\DRIVERS\amdppm.sys(2009-07-13 23:11:04) 923E6000-923F7000 (69632 bytes)
Module \SystemRoot\system32\DRIVERS\atikmpag.sys(2011-07-04 07:44:44) 9242B000-9246B000 (262144 bytes)
Module \SystemRoot\system32\DRIVERS\atikmdag.sys(2011-07-04 07:44:44) 93625000-93DE3000 (8118272 bytes)
Module \SystemRoot\System32\drivers\dxgkrnl.sys(2010-11-20 21:29:07) 9246B000-92522000 (749568 bytes)
Module \SystemRoot\System32\drivers\dxgmms1.sys(2010-11-20 21:29:07) 92522000-9255B000 (233472 bytes)
Module \SystemRoot\system32\DRIVERS\HDAudBus.sys(2010-11-20 21:29:03) 93600000-9361F000 (126976 bytes)
Module \SystemRoot\system32\DRIVERS\L1C62x86.sys(2010-11-01 13:04:29) 93DE3000-93DF5000 (73728 bytes)
Module \SystemRoot\system32\DRIVERS\athr.sys(2010-11-02 05:53:54) 92A29000-92BE5000 (1818624 bytes)
Module \SystemRoot\system32\DRIVERS\vwifibus.sys(2009-07-13 23:52:02) 92BE5000-92BEF000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\usbohci.sys(2011-05-27 18:48:17) 92BEF000-92BF9000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\USBPORT.SYS(2011-05-27 18:48:17) 9255B000-925A6000 (307200 bytes)
Module \SystemRoot\system32\DRIVERS\usbfilter.sys(2013-02-13 02:08:10) 92A00000-92A0C000 (49152 bytes)
Module \SystemRoot\system32\DRIVERS\usbehci.sys(2011-05-27 18:48:17) 92A0C000-92A1B000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\CmBatt.sys(2009-07-13 23:19:18) 92A1B000-92A1F000 (16384 bytes)
Module \SystemRoot\system32\DRIVERS\i8042prt.sys(2009-07-13 23:11:24) 925A6000-925BE000 (98304 bytes)
Module \SystemRoot\system32\DRIVERS\kbdclass.sys(2009-07-13 23:11:15) 925BE000-925CB000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\SynTP.sys(2010-11-01 13:21:30) 92E21000-92F60000 (1306624 bytes)
Module \SystemRoot\system32\DRIVERS\USBD.SYS(2011-05-27 18:48:17) 92F60000-92F62000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\mouclass.sys(2009-07-13 23:11:15) 92F62000-92F6F000 (53248 bytes)

Module \SystemRoot\system32\DRIVERS\SFEP.sys(2010-06-02 02:59:37) 92F6F000-92F72000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\wmiacpi.sys(2009-07-13 23:19:17) 92F72000-92F7B000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\CompositeBus.sys(2010-11-20 21:29:03) 92F7B000-92F88000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\AgileVpn.sys(2009-07-13 23:55:00) 92F88000-92F9A000 (73728 bytes)
Module \SystemRoot\system32\DRIVERS\rasl2tp.sys(2009-07-13 23:54:34) 92F9A000-92FB2000 (98304 bytes)
Module \SystemRoot\system32\DRIVERS\ndistapi.sys(2009-07-13 23:54:24) 92FB2000-92FBD000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\ndiswan.sys(2010-11-20 21:29:19) 92FBD000-92FDF000 (139264 bytes)
Module \SystemRoot\system32\DRIVERS\raspppoe.sys(2009-07-13 23:54:53) 92FDF000-92FF7000 (98304 bytes)
Module \SystemRoot\system32\DRIVERS\raspptp.sys(2009-07-13 23:54:48) 92E00000-92E17000 (94208 bytes)
Module \SystemRoot\system32\DRIVERS\rassstp.sys(2009-07-13 23:54:58) 925CB000-925E2000 (94208 bytes)
Module \SystemRoot\system32\DRIVERS\swenum.sys(2009-07-13 23:45:08) 92E17000-92E19000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\ks.sys(2010-11-20 21:29:21) 94038000-9406C000 (212992 bytes)
Module \SystemRoot\system32\DRIVERS\amdiox86.sys(2013-02-13 02:14:19) 9406C000-9407C000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\umbus.sys(2010-11-20 21:29:03) 9407C000-9408A000 (57344 bytes)
Module \SystemRoot\system32\DRIVERS\usbhub.sys(2011-05-27 18:48:17) 9408A000-940CE000 (278528 bytes)
Module \SystemRoot\System32\Drivers\NDProxy.SYS(2010-11-20 21:29:20) 940CE000-940DF000 (69632 bytes)
Module \SystemRoot\system32\drivers\AtihdW73.sys(2011-07-04 07:44:43) 940DF000-940FB000 (114688 bytes)
Module \SystemRoot\system32\drivers\portcls.sys(2009-07-13 23:51:02) 940FB000-9412A000 (192512 bytes)
Module \SystemRoot\system32\drivers\drmk.sys(2009-07-13 23:51:06) 9412A000-94143000 (102400 bytes)
Module \SystemRoot\system32\drivers\RTKVHDA.sys(2013-02-13 02:11:29) 9462B000-9492C000 (3149824 bytes)
Module \SystemRoot\system32\DRIVERS\usbccgp.sys(2011-05-27 18:48:17) 9492C000-94943000 (94208 bytes)
Module \SystemRoot\System32\Drivers\usbvideo.sys(2010-11-20 21:29:03) 94943000-94967000 (147456 bytes)
Module \SystemRoot\system32\DRIVERS\ArcSoftKsUFilter.sys(2013-02-13 03:06:03) 94967000-94970000 (36864 bytes)
Module \SystemRoot\System32\Drivers\crashdmp.sys(2009-07-13 23:45:50) 94970000-9497D000 (53248 bytes)
Module \SystemRoot\System32\Drivers\dump_diskdump.sys 9497D000-94987000 (40960 bytes)
Module \SystemRoot\System32\Drivers\dump_amd_sata.sys 94987000-9499A000 (77824 bytes)
Module \SystemRoot\System32\Drivers\dump_dumpfve.sys 9499A000-949AB000 (69632 bytes)
Module \SystemRoot\System32\win32k.sys(2013-02-14 10:07:56) 99FA0000-9A1F1000 (2428928 bytes)
Module \SystemRoot\System32\drivers\Dxapi.sys(2009-07-13 23:25:26) 97661000-9766B000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\monitor.sys(2009-07-13 23:25:59) 976E1000-976EC000 (45056 bytes)
Module \SystemRoot\System32\Drivers\RtsUStor.sys(2013-02-13 02:15:42) 976EC000-9771E000 (204800 bytes)
Module \SystemRoot\system32\DRIVERS\HIDPARSE.SYS(2009-07-13 23:51:00) 97413000-9741A000 (28672 bytes)
Module \SystemRoot\System32\TSDDD.dll(2009-07-14 00:01:40) 99E10000-99E19000 (36864 bytes)
Module \SystemRoot\System32\cdd.dll(2010-11-20 21:29:07) 99E40000-99E5E000 (122880 bytes)
Module \SystemRoot\system32\drivers\luafv.sys(2009-07-13 23:15:45) 9741A000-97435000 (110592 bytes)
Module \SystemRoot\system32\DRIVERS\avgntflt.sys(2013-02-13 08:50:33) 949AB000-949C6000 (110592 bytes)
Module \SystemRoot\system32\drivers\WudfPf.sys(2010-11-20 21:29:08) 949C6000-949E0000 (106496 bytes)
Module \SystemRoot\system32\DRIVERS\lltdio.sys(2009-07-13 23:53:18) 977EE000-977FE000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\nwifi.sys(2009-07-13 23:52:03) 9B634000-9B67A000 (286720 bytes)
Module \SystemRoot\system32\DRIVERS\ndisuio.sys(2010-11-20 21:29:07) 9B67A000-9B68A000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\rspndr.sys(2009-07-13 23:53:20) 9B68A000-9B69D000 (77824 bytes)
Module \SystemRoot\system32\drivers\HTTP.sys(2010-11-20 21:29:12) 9B69D000-9B722000 (544768 bytes)
Module \SystemRoot\system32\DRIVERS\bowser.sys(2011-05-27 18:47:50) 9B722000-9B73B000 (102400 bytes)
Module \SystemRoot\System32\drivers\mpsdrv.sys(2009-07-13 23:52:53) 9B73B000-9B74D000 (73728 bytes)
Module \SystemRoot\system32\DRIVERS\mrxsmb.sys(2013-02-14 09:56:25) 9B74D000-9B770000 (143360 bytes)
Module \SystemRoot\system32\DRIVERS\mrxsmb10.sys(2013-02-14 09:56:25) 9B770000-9B7AB000 (241664 bytes)
Module \SystemRoot\system32\DRIVERS\mrxsmb20.sys(2013-02-14 09:56:25) 9B7AB000-9B7C6000 (110592 bytes)
Module \SystemRoot\system32\drivers\peauth.sys(2009-07-13 23:35:01) 9D808000-9D89F000 (618496 bytes)
Module \SystemRoot\System32\Drivers\secdrv.SYS(2009-07-14 02:05:20) 9D89F000-9D8A9000 (40960 bytes)
Module \SystemRoot\System32\DRIVERS\srvnet.sys(2013-02-14 09:57:17) 9D8A9000-9D8CA000 (135168 bytes)
Module \SystemRoot\System32\drivers\tcpipreg.sys(2010-11-20 21:29:11) 9D8CA000-9D8D7000 (53248 bytes)
Module \SystemRoot\System32\DRIVERS\srv2.sys(2013-02-14 09:57:17) 9D8D7000-9D927000 (327680 bytes)
Module \SystemRoot\System32\DRIVERS\srv.sys(2013-02-14 09:57:17) 9D927000-9D979000 (335872 bytes)
Module \SystemRoot\System32\ATMFD.DLL(2013-02-14 15:23:02) 99E60000-99EAD000 (315392 bytes)
Module \??\C:\Users\Mirko\AppData\Local\Temp\ugtyipoc.sys (FILE NOT FOUND) (GMER) 9D99D000-9D9B6000 (102400 bytes)
Module \Windows\System32\ntdll.dll(2013-02-14 09:57:15) 77310000-7744C000 (1294336 bytes)
Module \Windows\System32\smss.exe(2009-07-13 23:11:12) 48190000-481A3000 (77824 bytes)
Module \Windows\System32\apisetschema.dll(2009-07-13 23:10:57) 77550000-775A0000 (327680 bytes)
Module \Windows\System32\autochk.exe(2010-11-20 21:29:06) 00E10000-00EB6000 (679936 bytes)

---- Processes - GMER 2.1 ----

Process System Idle 0
Process System 4
Process C:\Windows\System32\smss.exe(2009-07-13 23:11:12) 264
Library C:\Windows\System32\smss.exe 0x48190000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000

Process C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe(2010-07-29 17:45:48) 360
Library C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\bthprops.cpl 0x73BE0000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000
Library C:\Windows\system32\hid.dll 0x73F60000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\devrtl.DLL 0x74CD0000
Library C:\Windows\system32\PROPSYS.dll 0x74270000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\System32\ieframe.dll 0x6D660000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\System32\OLEACC.dll 0x73A60000
Library C:\Windows\system32\iertutil.dll 0x76BE0000
Library C:\Windows\system32\urlmon.dll 0x76F70000
Library C:\Windows\system32\WININET.dll 0x76E50000
Library C:\Windows\system32\Normaliz.dll 0x75BC0000
Library C:\Windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000

Process C:\Windows\system32\csrss.exe(2009-07-13 23:11:09) 396
Library C:\Windows\system32\csrss.exe 0x49FD0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\CSRSRV.dll 0x75500000
Library C:\Windows\system32\basesrv.DLL 0x754F0000
Library C:\Windows\system32\winsrv.DLL 0x754C0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\SYSTEM32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\sxssrv.DLL 0x754B0000
Library C:\Windows\system32\sxs.dll 0x75430000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000

Process C:\Windows\system32\svchost.exe(2009-07-13 23:19:28) 404
Library C:\Windows\system32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library c:\windows\system32\fdrespub.dll 0x70250000
Library c:\windows\system32\wsdapi.dll 0x6FE30000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library c:\windows\system32\IPHLPAPI.DLL 0x73600000
Library c:\windows\system32\WINNSI.DLL 0x735F0000
Library c:\windows\system32\webservices.dll 0x6FD20000
Library c:\windows\system32\FirewallAPI.dll 0x74970000
Library c:\windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\FunDisc.dll 0x6FE00000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\system32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\System32\wshqos.dll 0x6FEF0000
Library C:\Windows\system32\wshtcpip.DLL 0x749F0000
Library C:\Windows\system32\WINHTTP.dll 0x6FB40000
Library C:\Windows\system32\webio.dll 0x6FAF0000
Library C:\Windows\system32\HTTPAPI.dll 0x6F7F0000
Library C:\Windows\system32\pcwum.dll 0x74A70000
Library C:\Windows\system32\wkscli.dll 0x73AE0000
Library C:\Windows\system32\netutils.dll 0x73AF0000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\XmlLite.dll 0x73ED0000
Library c:\windows\system32\fntcache.dll 0x72890000
Library c:\windows\system32\ktmw32.dll 0x715B0000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library c:\windows\system32\ssdpsrv.dll 0x63D40000
Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library c:\windows\system32\upnphost.dll 0x618A0000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library c:\windows\system32\SSDPAPI.dll 0x6FEE0000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\System32\msxml3.dll 0x6F150000
Library C:\Windows\system32\DNSAPI.dll 0x74DD0000
Library C:\Windows\system32\udhisapi.dll 0x72B80000

Process C:\Windows\system32\wininit.exe(2009-07-13 23:36:49) 508
Library C:\Windows\system32\wininit.exe 0x00F80000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000

Process C:\Windows\system32\csrss.exe(2009-07-13 23:11:09) 520
Library C:\Windows\system32\csrss.exe 0x49FD0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\CSRSRV.dll 0x75500000
Library C:\Windows\system32\basesrv.DLL 0x754F0000
Library C:\Windows\system32\winsrv.DLL 0x754C0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\SYSTEM32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\sxssrv.DLL 0x754B0000
Library C:\Windows\system32\sxs.dll 0x75430000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000

Process C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE(2013-02-13 15:54:57) 524
Library C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\WINSPOOL.DRV 0x73C90000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\profapi.dll 0x754A0000

Process C:\Windows\system32\services.exe(2009-07-13 23:11:26) 564
Library C:\Windows\system32\services.exe 0x00AB0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\scext.dll 0x753A0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\SCESRV.dll 0x75340000
Library C:\Windows\system32\srvcli.dll 0x75320000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\AUTHZ.dll 0x750C0000
Library C:\Windows\system32\UBPM.dll 0x74B80000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\System32\wship6.dll 0x74F00000

Process C:\Windows\system32\lsass.exe(2013-02-14 09:54:51) 580
Library C:\Windows\system32\lsass.exe 0x00050000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\SspiSrv.dll 0x752F0000
Library C:\Windows\system32\lsasrv.dll 0x751F0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\SAMSRV.dll 0x75160000
Library C:\Windows\system32\cryptdll.dll 0x75140000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\wevtapi.dll 0x750F0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\cngaudit.dll 0x750E0000
Library C:\Windows\system32\AUTHZ.dll 0x750C0000
Library C:\Windows\system32\ncrypt.dll 0x75080000
Library C:\Windows\system32\bcrypt.dll 0x75060000
Library C:\Windows\system32\msprivs.DLL 0x75050000
Library C:\Windows\system32\netjoin.dll 0x75020000
Library C:\Windows\system32\negoexts.DLL 0x75000000
Library C:\Windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\cryptbase.dll 0x75420000
Library C:\Windows\system32\kerberos.DLL 0x74F70000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\system32\msv1_0.DLL 0x74EB0000
Library C:\Windows\system32\netlogon.DLL 0x74E20000
Library C:\Windows\system32\DNSAPI.dll 0x74DD0000
Library C:\Windows\system32\logoncli.dll 0x74DA0000
Library C:\Windows\system32\schannel.DLL 0x74D60000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\wdigest.DLL 0x74D30000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\tspkg.DLL 0x74CB0000
Library C:\Windows\system32\pku2u.DLL 0x74C70000
Library C:\Windows\system32\livessp.DLL 0x74C30000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\bcryptprimitives.dll 0x74BF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\efslsaext.dll 0x74CE0000
Library C:\Windows\system32\scecli.DLL 0x74BC0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\keyiso.dll 0x735D0000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\netutils.dll 0x73AF0000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\system32\dssenh.dll 0x71D90000
Library C:\Windows\system32\GPAPI.dll 0x74AA0000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\cryptnet.dll 0x70260000

Process C:\Windows\system32\lsm.exe(2010-11-20 21:29:11) 588
Library C:\Windows\system32\lsm.exe 0x00EF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\SYSNTFY.dll 0x75310000
Library C:\Windows\system32\WMsgAPI.dll 0x75300000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\pcwum.dll 0x74A70000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000

Process C:\Windows\system32\svchost.exe(2009-07-13 23:19:28) 688
Library C:\Windows\system32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library c:\windows\system32\umpnpmgr.dll 0x74B00000
Library c:\windows\system32\SPINF.dll 0x74AE0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library c:\windows\system32\DEVRTL.dll 0x74CD0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\GPAPI.dll 0x74AA0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library c:\windows\system32\umpo.dll 0x74A80000
Library c:\windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library c:\windows\system32\pcwum.DLL 0x74A70000
Library c:\windows\system32\rpcss.dll 0x74A10000
Library c:\windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\wbem\wmidcprv.dll 0x6F5C0000
Library C:\Windows\system32\wbem\FastProx.dll 0x6F520000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000
Library C:\Windows\system32\wbem\wbemprox.dll 0x70230000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\wbem\wmiutils.dll 0x6F390000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000

Process C:\Windows\system32\winlogon.exe(2010-11-20 21:29:06) 740
Library C:\Windows\system32\winlogon.exe 0x00590000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\UXINIT.dll 0x73680000
Library C:\Windows\system32\UxTheme.dll 0x74230000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\WindowsCodecs.dll 0x73D40000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\wkscli.dll 0x73AE0000
Library C:\Windows\system32\netjoin.dll 0x75020000
Library C:\Windows\system32\netutils.dll 0x73AF0000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\slc.dll 0x737E0000
Library C:\Windows\system32\MPR.dll 0x71D40000
Library C:\Windows\system32\AUTHZ.dll 0x750C0000

Process C:\Windows\system32\svchost.exe(2009-07-13 23:19:28) 820
Library C:\Windows\system32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library c:\windows\system32\rpcepmap.dll 0x74A00000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library c:\windows\system32\rpcss.dll 0x74A10000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\system32\user32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\system32\FirewallAPI.dll 0x74970000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\fwpuclnt.dll 0x73460000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\WINSTA.dll 0x74B50000


Alt 19.02.2013, 23:43   #6
trampeltier
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



GMER TEIL 4


Process C:\Windows\system32\atiesrxx.exe(2011-07-04 07:44:44) 860
Library C:\Windows\system32\atiesrxx.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\apphelp.dll 0x753D0000

Process C:\Windows\System32\svchost.exe(2009-07-13 23:19:28) 940
Library C:\Windows\System32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\System32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library c:\windows\system32\wevtsvc.dll 0x74370000
Library C:\Windows\System32\RpcRtRemote.dll 0x75490000
Library C:\Windows\System32\secur32.dll 0x75390000
Library C:\Windows\System32\SSPICLI.DLL 0x753B0000
Library C:\Windows\System32\credssp.dll 0x74BB0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\System32\GPAPI.dll 0x74AA0000
Library c:\windows\system32\audiosrv.dll 0x73E50000
Library c:\windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library c:\windows\system32\MMDevAPI.DLL 0x73F20000
Library c:\windows\system32\PROPSYS.dll 0x74270000
Library c:\windows\system32\AVRT.dll 0x73E40000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library c:\windows\system32\lmhsvc.dll 0x73620000
Library c:\windows\system32\IPHLPAPI.DLL 0x73600000
Library c:\windows\system32\WINNSI.DLL 0x735F0000
Library c:\windows\system32\nrpsrv.DLL 0x735E0000
Library c:\windows\system32\dhcpcore.dll 0x73520000
Library c:\windows\system32\DNSAPI.dll 0x74DD0000
Library C:\Windows\System32\firewallapi.dll 0x74970000
Library C:\Windows\System32\VERSION.dll 0x74950000
Library C:\Windows\System32\dhcpcore6.dll 0x734E0000
Library C:\Windows\System32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\System32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\System32\audioses.dll 0x6EAD0000
Library c:\windows\system32\wscsvc.dll 0x63A70000
Library c:\windows\system32\dbghelp.dll 0x63650000
Library C:\Windows\system32\wbem\wbemprox.dll 0x70230000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\wbem\fastprox.dll 0x6F520000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\WINTRUST.DLL 0x75770000
Library C:\Windows\system32\imagehlp.dll 0x75BD0000
Library C:\Windows\System32\ncrypt.dll 0x75080000
Library C:\Windows\System32\bcrypt.dll 0x75060000
Library C:\Windows\system32\bcryptprimitives.dll 0x74BF0000
Library C:\Windows\system32\wuapi.dll 0x633E0000
Library C:\Windows\system32\Cabinet.dll 0x63A50000
Library C:\Windows\System32\profapi.dll 0x754A0000
Library C:\Windows\System32\USERENV.dll 0x74AC0000
Library C:\Windows\System32\wkscli.dll 0x73AE0000
Library C:\Windows\System32\netutils.dll 0x73AF0000
Library C:\Windows\System32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\System32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\system32\RtkAPO.dll 0x72370000
Library C:\Windows\system32\WMALFXGFXDSP.dll 0x6CC20000
Library C:\Windows\System32\mfplat.DLL 0x6ECF0000
Library c:\windows\system32\provsvc.dll 0x6D630000
Library C:\Windows\system32\actxprxy.dll 0x71680000
Library C:\Windows\System32\npmproxy.dll 0x726F0000
Library C:\Windows\system32\FunDisc.dll 0x6FE00000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Windows\system32\fdproxy.dll 0x63C90000
Library C:\Windows\System32\P2P.dll 0x5F7C0000
Library C:\Windows\System32\P2PCOLLAB.dll 0x5F750000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Program Files\Internet Explorer\ieproxy.dll 0x63E70000
Library C:\Windows\system32\pnrpnsp.dll 0x61050000
Library C:\Windows\System32\rasadhlp.dll 0x6EFE0000
Library C:\Windows\System32\XmlLite.dll 0x73ED0000

Process C:\Windows\System32\svchost.exe(2009-07-13 23:19:28) 996
Library C:\Windows\System32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\System32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library c:\windows\system32\audiosrv.dll 0x73E50000
Library c:\windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library c:\windows\system32\MMDevAPI.DLL 0x73F20000
Library c:\windows\system32\PROPSYS.dll 0x74270000
Library c:\windows\system32\AVRT.dll 0x73E40000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library c:\windows\system32\uxsms.dll 0x73690000
Library C:\Windows\System32\WTSAPI32.dll 0x74960000
Library C:\Windows\System32\WINSTA.dll 0x74B50000
Library c:\windows\system32\wudfsvc.dll 0x73660000
Library c:\windows\system32\WUDFPlatform.dll 0x73630000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library c:\windows\system32\VERSION.dll 0x74950000
Library c:\windows\system32\wevtapi.dll 0x750F0000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library c:\windows\system32\wlansvc.dll 0x73380000
Library c:\windows\system32\bcrypt.dll 0x75060000
Library c:\windows\system32\dsrole.dll 0x737F0000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library c:\windows\system32\WLANMSM.DLL 0x73310000
Library c:\windows\system32\WLANSEC.dll 0x732A0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library c:\windows\system32\OneX.DLL 0x73260000
Library c:\windows\system32\eappprxy.dll 0x73240000
Library c:\windows\system32\AUTHZ.dll 0x750C0000
Library c:\windows\system32\dhcpcsvc.DLL 0x73220000
Library c:\windows\system32\IPHLPAPI.DLL 0x73600000
Library c:\windows\system32\WINNSI.DLL 0x735F0000
Library c:\windows\system32\eappcfg.dll 0x731F0000
Library c:\windows\system32\wlgpclnt.dll 0x731D0000
Library c:\windows\system32\l2gpstore.dll 0x731B0000
Library c:\windows\system32\wlanutil.dll 0x731A0000
Library c:\windows\system32\SYSNTFY.dll 0x75310000
Library c:\windows\system32\WinSCard.dll 0x73170000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Windows\System32\USERENV.dll 0x74AC0000
Library C:\Windows\System32\profapi.dll 0x754A0000
Library C:\Windows\System32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\System32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\System32\RpcRtRemote.dll 0x75490000
Library C:\Windows\System32\secur32.dll 0x75390000
Library C:\Windows\System32\credssp.dll 0x74BB0000
Library C:\Windows\system32\kerberos.DLL 0x74F70000
Library C:\Windows\System32\cryptdll.dll 0x75140000
Library C:\Windows\system32\netcfgx.dll 0x71400000
Library C:\Windows\system32\slc.dll 0x737E0000
Library C:\Windows\System32\devrtl.DLL 0x74CD0000
Library c:\windows\system32\sysmain.dll 0x6F890000
Library c:\windows\system32\trkwks.dll 0x6F870000
Library C:\Windows\System32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library c:\windows\system32\netman.dll 0x72960000
Library C:\Windows\System32\netshell.dll 0x72100000
Library C:\Windows\System32\nlaapi.dll 0x73860000
Library C:\Windows\System32\GPAPI.dll 0x74AA0000
Library C:\Windows\system32\PortableDeviceApi.dll 0x71FE0000
Library C:\Windows\System32\portabledeviceconnectapi.dll 0x6DFD0000
Library C:\Windows\System32\RASDLG.dll 0x72CC0000
Library C:\Windows\System32\MPRAPI.dll 0x6F010000
Library C:\Windows\System32\RASAPI32.dll 0x73970000
Library C:\Windows\System32\rasman.dll 0x73950000
Library C:\Windows\System32\rtutils.dll 0x73940000
Library C:\Windows\system32\hnetcfg.dll 0x6F2E0000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library C:\Windows\system32\wbem\wbemprox.dll 0x70230000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\wbem\fastprox.dll 0x6F520000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000
Library c:\windows\system32\pcasvc.dll 0x67D30000
Library c:\windows\system32\AEPIC.dll 0x72DF0000
Library c:\windows\system32\sfc.dll 0x72DE0000
Library c:\windows\system32\sfc_os.DLL 0x72DD0000
Library c:\windows\system32\ipbusenum.dll 0x63CA0000
Library C:\Windows\system32\FunDisc.dll 0x6FE00000
Library C:\Windows\system32\umb.dll 0x734D0000
Library C:\Windows\system32\fdproxy.dll 0x63C90000
Library C:\Windows\system32\IPBusEnumProxy.dll 0x70650000
Library c:\windows\system32\listsvc.dll 0x5F800000
Library C:\Windows\system32\FirewallAPI.dll 0x74970000
Library C:\Windows\system32\actxprxy.dll 0x71680000
Library C:\Windows\System32\IdListen.dll 0x5F720000
Library C:\Windows\System32\XmlLite.dll 0x73ED0000
Library C:\Windows\System32\NETAPI32.dll 0x73B00000
Library C:\Windows\System32\netutils.dll 0x73AF0000
Library C:\Windows\System32\srvcli.dll 0x75320000
Library C:\Windows\System32\wkscli.dll 0x73AE0000
Library C:\Windows\System32\SAMCLI.DLL 0x73AD0000
Library C:\Windows\System32\ncrypt.dll 0x75080000
Library C:\Windows\system32\hgprint.dll 0x5F6F0000
Library C:\Windows\system32\WINSPOOL.DRV 0x73C90000
Library C:\Windows\System32\shacct.dll 0x744A0000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll 0x72070000
Library C:\Windows\System32\SAMLIB.dll 0x74480000
Library C:\Windows\System32\cscapi.dll 0x71B10000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000

Process C:\Windows\system32\svchost.exe(2009-07-13 23:19:28) 1024
Library C:\Windows\system32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library c:\windows\system32\gpsvc.dll 0x73870000
Library c:\windows\system32\GPAPI.dll 0x74AA0000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library c:\windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\NSI.dll 0x77480000
Library c:\windows\system32\SYSNTFY.dll 0x75310000
Library c:\windows\system32\nlaapi.dll 0x73860000
Library c:\windows\system32\themeservice.dll 0x73850000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library c:\windows\system32\profsvc.dll 0x73820000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library c:\windows\system32\USERENV.dll 0x74AC0000
Library c:\windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library c:\windows\system32\ATL.DLL 0x73800000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\dsrole.dll 0x737F0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\slc.dll 0x737E0000
Library c:\windows\system32\sens.dll 0x736A0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\SAMLIB.dll 0x74480000
Library c:\windows\system32\eapsvc.dll 0x735A0000
Library C:\Windows\system32\eapphost.dll 0x73560000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\umb.dll 0x734D0000
Library C:\Windows\system32\UxTheme.dll 0x74230000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library c:\windows\system32\shsvcs.dll 0x71710000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library c:\windows\system32\schedsvc.dll 0x715C0000
Library c:\windows\system32\pcwum.dll 0x74A70000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library c:\windows\system32\NETAPI32.dll 0x73B00000
Library c:\windows\system32\netutils.dll 0x73AF0000
Library c:\windows\system32\srvcli.dll 0x75320000
Library c:\windows\system32\wkscli.dll 0x73AE0000
Library c:\windows\system32\wevtapi.dll 0x750F0000
Library c:\windows\system32\AUTHZ.dll 0x750C0000
Library c:\windows\system32\UBPM.dll 0x74B80000
Library c:\windows\system32\ktmw32.dll 0x715B0000
Library c:\windows\system32\XmlLite.dll 0x73ED0000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\FVEAPI.dll 0x714D0000
Library C:\Windows\system32\tbs.dll 0x71480000
Library C:\Windows\system32\FVECERTS.dll 0x71470000
Library C:\Windows\system32\LOGONCLI.DLL 0x74DA0000
Library C:\Windows\system32\taskcomp.dll 0x70EA0000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\wiarpc.dll 0x70E90000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\system32\netjoin.dll 0x75020000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\tschannel.dll 0x70C80000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000
Library C:\Windows\system32\PROPSYS.dll 0x74270000
Library c:\windows\system32\ikeext.dll 0x6FC10000
Library c:\windows\system32\fwpuclnt.dll 0x73460000
Library C:\Windows\system32\ncrypt.dll 0x75080000
Library C:\Windows\system32\bcrypt.dll 0x75060000
Library C:\Windows\system32\bcryptprimitives.dll 0x74BF0000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\system32\dhcpcsvc6.DLL 0x73160000
Library c:\windows\system32\wbem\wmisvc.dll 0x6F810000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\VSSAPI.DLL 0x70080000
Library C:\Windows\system32\VssTrace.DLL 0x6FF00000
Library C:\Windows\system32\samcli.dll 0x73AD0000
Library c:\windows\system32\iphlpsvc.dll 0x6F690000
Library c:\windows\system32\FirewallAPI.dll 0x74970000
Library c:\windows\system32\rtutils.dll 0x73940000
Library c:\windows\system32\sqmapi.dll 0x6F650000
Library c:\windows\system32\WDSCORE.dll 0x6F610000
Library C:\Windows\system32\wbem\wbemcore.dll 0x6F430000
Library C:\Windows\system32\wbem\esscli.dll 0x6F3E0000
Library C:\Windows\system32\wbem\FastProx.dll 0x6F520000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\devrtl.DLL 0x74CD0000
Library C:\Windows\system32\NCI.dll 0x6F3B0000
Library C:\Windows\system32\wbem\wmiutils.dll 0x6F390000
Library C:\Windows\System32\netprofm.dll 0x6F330000
Library C:\Windows\system32\SPINF.dll 0x74AE0000
Library C:\Windows\system32\wbem\repdrvfs.dll 0x6F290000
Library c:\windows\system32\srvsvc.dll 0x6F120000
Library c:\windows\system32\browser.dll 0x6F100000
Library C:\Windows\system32\SSCORE.DLL 0x6F0F0000
Library C:\Windows\system32\CLUSAPI.DLL 0x6F0B0000
Library C:\Windows\system32\cryptdll.dll 0x75140000
Library C:\Windows\system32\RESUTILS.DLL 0x6F090000
Library C:\Windows\system32\DNSAPI.dll 0x74DD0000
Library C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 0x6EF20000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\rasadhlp.dll 0x6EFE0000
Library C:\Windows\system32\wbem\wmiprvsd.dll 0x6BD50000
Library C:\Windows\system32\NCObjAPI.DLL 0x73710000
Library C:\Windows\system32\wbem\wbemess.dll 0x6BCF0000
Library c:\windows\system32\appinfo.dll 0x72A40000
Library C:\Windows\System32\npmproxy.dll 0x726F0000
Library C:\Windows\system32\wbem\ncprov.dll 0x67D60000
Library c:\windows\system32\qmgr.dll 0x63DD0000
Library c:\windows\system32\bitsperf.dll 0x63DC0000
Library C:\Windows\system32\bitsigd.dll 0x63DB0000
Library C:\Windows\system32\upnp.dll 0x63D70000
Library C:\Windows\system32\WINHTTP.dll 0x6FB40000
Library C:\Windows\system32\webio.dll 0x6FAF0000
Library C:\Windows\system32\SSDPAPI.dll 0x6FEE0000
Library c:\windows\system32\wuaueng.dll 0x63470000
Library c:\windows\system32\ESENT.dll 0x6E220000
Library c:\windows\system32\WINSPOOL.DRV 0x73C90000
Library c:\windows\system32\Cabinet.dll 0x63A50000
Library c:\windows\system32\mspatcha.dll 0x63990000
Library C:\Windows\system32\WMsgAPI.dll 0x75300000
Library C:\Windows\system32\RasApi32.dll 0x73970000
Library C:\Windows\system32\rasman.dll 0x73950000
Library C:\Windows\system32\wer.dll 0x6F730000
Library C:\Windows\system32\dssenh.dll 0x71D90000
Library C:\Windows\system32\schannel.DLL 0x74D60000
Library C:\Windows\System32\msxml3.dll 0x6F150000
Library C:\Windows\system32\msi.dll 0x703B0000
Library C:\Windows\system32\cryptnet.dll 0x70260000
Library C:\Windows\system32\advpack.dll 0x67370000
Library C:\Windows\system32\hnetcfg.dll 0x6F2E0000
Library C:\Windows\system32\wups.dll 0x6F040000
Library C:\Windows\system32\wbem\wbemprox.dll 0x70230000
Library c:\windows\system32\aelupsvc.dll 0x6DFB0000
Library c:\windows\system32\mmcss.dll 0x6A100000
Library c:\windows\system32\AVRT.dll 0x73E40000
Library C:\Windows\system32\ES.DLL 0x736C0000
Library C:\Windows\system32\netcfgx.dll 0x71400000
Library C:\Windows\system32\ndiscapCfg.dll 0x72C80000
Library C:\Windows\system32\rascfg.dll 0x6A070000
Library C:\Windows\system32\MPRAPI.dll 0x6F010000
Library C:\Windows\system32\tcpipcfg.dll 0x6A040000

Process C:\Program Files\Sony\VAIO Care\VCPerfService.exe(2013-02-13 03:28:44) 1044
Library C:\Program Files\Sony\VAIO Care\VCPerfService.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\pdh.dll 0x63C10000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCP90.dll 0x6FA30000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCR90.dll 0x70820000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\rasman.dll 0x73950000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\pcwum.dll 0x74A70000
Library C:\Windows\System32\perfos.dll 0x674E0000
Library C:\Windows\System32\Perfctrs.dll 0x63B20000
Library C:\Windows\System32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\System32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000

Process C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(2010-11-01 13:21:30) 1104
Library C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\cryptbase.dll 0x75420000

Process C:\Windows\system32\svchost.exe(2009-07-13 23:19:28) 1168
Library C:\Windows\system32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library c:\windows\system32\es.dll 0x736C0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library c:\windows\system32\nsisvc.dll 0x735C0000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library c:\windows\system32\netprofm.dll 0x6F330000
Library c:\windows\system32\nlaapi.dll 0x73860000
Library c:\windows\system32\wdi.dll 0x6E200000
Library C:\Windows\System32\npmproxy.dll 0x726F0000
Library C:\Windows\system32\perftrack.dll 0x6E030000
Library C:\Windows\system32\wer.dll 0x6F730000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\AEPIC.dll 0x72DF0000
Library C:\Windows\system32\sfc.dll 0x72DE0000
Library C:\Windows\system32\sfc_os.DLL 0x72DD0000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\GPAPI.dll 0x74AA0000
Library c:\windows\system32\fdphost.dll 0x63D30000
Library C:\Windows\system32\fdwsd.dll 0x63D10000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library C:\Windows\system32\bcrypt.dll 0x75060000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\MLANG.dll 0x63CE0000
Library C:\Windows\system32\wsdapi.dll 0x6FE30000
Library C:\Windows\system32\webservices.dll 0x6FD20000
Library C:\Windows\system32\FirewallAPI.dll 0x74970000
Library C:\Windows\system32\WINHTTP.dll 0x6FB40000
Library C:\Windows\system32\webio.dll 0x6FAF0000
Library C:\Windows\system32\fdssdp.dll 0x63CC0000
Library C:\Windows\system32\SSDPAPI.dll 0x6FEE0000
Library C:\Windows\system32\fdproxy.dll 0x63C90000
Library C:\Windows\system32\bcryptprimitives.dll 0x74BF0000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\system32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\System32\wshqos.dll 0x6FEF0000
Library C:\Windows\system32\wshtcpip.DLL 0x749F0000
Library C:\Windows\system32\XmlLite.dll 0x73ED0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\DNSAPI.dll 0x74DD0000
Library C:\Windows\system32\napinsp.dll 0x632B0000
Library C:\Windows\system32\pnrpnsp.dll 0x61050000
Library C:\Windows\System32\winrnr.dll 0x61040000
Library C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 0x6EF20000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\wshbth.dll 0x6B160000
Library C:\Windows\system32\rasadhlp.dll 0x6EFE0000
Library C:\Windows\System32\fwpuclnt.dll 0x73460000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\dsrole.dll 0x737F0000
Library C:\Windows\system32\FunDisc.dll 0x6FE00000
Library c:\windows\system32\cryptdll.dll 0x75140000
Library C:\Windows\system32\msv1_0.DLL 0x74EB0000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Windows\system32\propsys.dll 0x74270000
Library C:\Program Files\Internet Explorer\ieproxy.dll 0x63E70000

Process c:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe(2010-11-26 23:55:42) 1212
Library c:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe 0x00F40000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.5570_none_51ce1f16bbe3e56e\ATL90.DLL 0x6FAC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCP90.dll 0x6FA30000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCR90.dll 0x70820000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000

Process C:\Windows\system32\svchost.exe(2009-07-13 23:19:28) 1268
Library C:\Windows\system32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library c:\windows\system32\DNSAPI.dll 0x74DD0000
Library c:\windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\Fwpuclnt.dll 0x73460000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\GPAPI.dll 0x74AA0000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\system32\iphlpapi.dll 0x73600000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\system32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library c:\windows\system32\wkssvc.dll 0x70A80000
Library c:\windows\system32\netutils.dll 0x73AF0000
Library c:\windows\system32\netjoin.dll 0x75020000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library c:\windows\system32\cryptsvc.dll 0x70200000
Library c:\windows\system32\CRYPTNET.dll 0x70260000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\VSSAPI.DLL 0x70080000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library C:\Windows\system32\VssTrace.DLL 0x6FF00000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\samcli.dll 0x73AD0000
Library C:\Windows\system32\SAMLIB.dll 0x74480000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\es.dll 0x736C0000
Library C:\Windows\system32\PROPSYS.dll 0x74270000
Library c:\windows\system32\nlasvc.dll 0x6FBD0000
Library c:\windows\system32\wevtapi.dll 0x750F0000
Library c:\windows\system32\ncsi.dll 0x6FBA0000
Library c:\windows\system32\WINHTTP.dll 0x6FB40000
Library c:\windows\system32\webio.dll 0x6FAF0000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000

Alt 19.02.2013, 23:44   #7
trampeltier
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



GMER Teil 5



Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\ssdpapi.dll 0x6FEE0000
Library C:\Windows\system32\wkscli.dll 0x73AE0000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\ESENT.dll 0x6E220000
Library C:\Windows\system32\psapi.dll 0x77470000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\system32\bcrypt.dll 0x75060000
Library C:\Windows\system32\bcryptprimitives.dll 0x74BF0000
Library C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 0x6EF20000
Library C:\Windows\system32\rasadhlp.dll 0x6EFE0000
Library C:\Windows\system32\Cabinet.dll 0x63A50000
Library C:\Windows\system32\DEVRTL.dll 0x74CD0000
Library C:\Windows\system32\ncrypt.dll 0x75080000
Library C:\Windows\system32\SensApi.dll 0x6F7E0000
Library C:\Windows\system32\logoncli.dll 0x74DA0000
Library c:\windows\system32\dnsrslvr.dll 0x5FA40000
Library C:\Windows\System32\dnsext.dll 0x72C90000

Process C:\Windows\Explorer.EXE(2011-05-27 18:47:58) 1416
Library C:\Windows\Explorer.EXE 0x00300000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\EXPLORERFRAME.dll 0x71BD0000
Library C:\Windows\system32\DUser.dll 0x73FB0000
Library C:\Windows\system32\DUI70.dll 0x73FE0000
Library C:\Windows\system32\IMM32.dll 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\UxTheme.dll 0x74230000
Library C:\Windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\slc.dll 0x737E0000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll 0x740A0000
Library C:\Windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\PROPSYS.dll 0x74270000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000
Library C:\Windows\system32\WindowsCodecs.dll 0x73D40000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\EhStorShell.dll 0x71B90000
Library C:\Windows\system32\ntshrui.dll 0x71B20000
Library C:\Windows\system32\srvcli.dll 0x75320000
Library C:\Windows\system32\cscapi.dll 0x71B10000
Library C:\Windows\system32\IconCodecService.dll 0x71B00000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\SndVolSSO.DLL 0x73F70000
Library C:\Windows\system32\HID.DLL 0x73F60000
Library C:\Windows\System32\MMDevApi.dll 0x73F20000
Library C:\Windows\system32\timedate.cpl 0x71920000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library C:\Windows\system32\actxprxy.dll 0x71680000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\System32\shdocvw.dll 0x714A0000
Library C:\Windows\system32\LINKINFO.dll 0x71490000
Library C:\Windows\system32\msutb.dll 0x70E60000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\SAMLIB.dll 0x74480000
Library C:\Windows\system32\samcli.dll 0x73AD0000
Library C:\Windows\system32\netutils.dll 0x73AF0000
Library C:\Windows\system32\msls31.dll 0x708E0000
Library C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll 0x70700000
Library C:\Windows\system32\authui.dll 0x74760000
Library C:\Windows\system32\CRYPTUI.dll 0x74660000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\urlmon.dll 0x76F70000
Library C:\Windows\system32\iertutil.dll 0x76BE0000
Library C:\Windows\system32\WININET.dll 0x76E50000
Library C:\Windows\system32\Normaliz.dll 0x75BC0000
Library C:\Windows\system32\stobject.dll 0x71DC0000
Library C:\Windows\system32\BatMeter.dll 0x6EA10000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\wdmaud.drv 0x71D60000
Library C:\Windows\system32\ksuser.dll 0x709E0000
Library C:\Windows\system32\AVRT.dll 0x73E40000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\AUDIOSES.DLL 0x6EAD0000
Library C:\Windows\system32\MsftEdit.dll 0x73B40000
Library C:\Windows\system32\msacm32.drv 0x73D10000
Library C:\Windows\system32\MSACM32.dll 0x73CF0000
Library C:\Windows\system32\midimap.dll 0x73B30000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\es.dll 0x736C0000
Library C:\Windows\system32\prnfldr.dll 0x72FF0000
Library C:\Windows\system32\WINSPOOL.DRV 0x73C90000
Library C:\Windows\system32\dxp.dll 0x72F80000
Library C:\Windows\system32\Syncreg.dll 0x73B20000
Library C:\Windows\ehome\ehSSO.dll 0x73AC0000
Library C:\Windows\System32\netshell.dll 0x72100000
Library C:\Windows\System32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\System32\WINNSI.DLL 0x735F0000
Library C:\Windows\System32\nlaapi.dll 0x73860000
Library C:\Windows\System32\AltTab.dll 0x73A50000
Library C:\Windows\system32\wpdshserviceobj.dll 0x73720000
Library C:\Windows\system32\PortableDeviceTypes.dll 0x73130000
Library C:\Windows\system32\PortableDeviceApi.dll 0x71FE0000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll 0x10000000
Library C:\Windows\System32\pnidui.dll 0x71E30000
Library C:\Windows\System32\QUtil.dll 0x73110000
Library C:\Windows\System32\wevtapi.dll 0x750F0000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\System32\srchadmin.dll 0x70990000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\System32\Actioncenter.dll 0x6CD80000
Library C:\Windows\system32\XmlLite.dll 0x73ED0000
Library C:\Windows\system32\fxsst.dll 0x6CB40000
Library C:\Windows\system32\FXSAPI.dll 0x730D0000
Library C:\Windows\system32\FXSRESM.DLL 0x6CA50000
Library C:\Windows\System32\gameux.dll 0x6C7D0000
Library C:\Windows\System32\wer.dll 0x6F730000
Library C:\Windows\system32\msiltcfg.dll 0x739D0000
Library C:\Windows\system32\msi.dll 0x703B0000
Library C:\Windows\System32\SyncCenter.dll 0x6B510000
Library C:\Windows\system32\mssprxy.dll 0x6E1B0000
Library C:\Windows\System32\npmproxy.dll 0x726F0000
Library C:\Windows\system32\Wlanapi.dll 0x70340000
Library C:\Windows\system32\wlanutil.dll 0x731A0000
Library C:\Windows\system32\wwanapi.dll 0x6E7D0000
Library C:\Windows\system32\wwapi.dll 0x72DA0000
Library C:\Windows\system32\imapi2.dll 0x6E680000
Library C:\Windows\System32\hgcpl.dll 0x6E630000
Library C:\Windows\System32\QAgent.dll 0x6E590000
Library C:\Windows\System32\provsvc.dll 0x6D630000
Library C:\Windows\system32\wkscli.dll 0x73AE0000
Library C:\Windows\System32\bthprops.cpl 0x73BE0000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Windows\System32\wscinterop.dll 0x649C0000
Library C:\Windows\System32\WSCAPI.dll 0x649B0000
Library C:\Windows\System32\wscui.cpl 0x63FD0000
Library C:\Windows\System32\werconcpl.dll 0x63EC0000
Library C:\Windows\System32\framedynos.dll 0x67590000
Library C:\Windows\System32\wercplsupport.dll 0x64990000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Windows\System32\hcproviders.dll 0x63EB0000
Library C:\Program Files\Internet Explorer\ieproxy.dll 0x63E70000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll 0x03430000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\van.dll 0x632D0000
Library C:\Windows\system32\RasMM.dll 0x60F30000
Library C:\Windows\system32\RASAPI32.dll 0x73970000
Library C:\Windows\system32\rasman.dll 0x73950000
Library C:\Windows\system32\WWanMM.dll 0x60E80000
Library C:\Windows\system32\WlanMM.dll 0x60DC0000
Library C:\Windows\system32\wlanhlp.dll 0x610D0000
Library C:\Windows\system32\OneX.DLL 0x73260000
Library C:\Windows\system32\eappprxy.dll 0x73240000
Library C:\Windows\system32\eappcfg.dll 0x731F0000
Library C:\Windows\system32\bcrypt.dll 0x75060000
Library C:\Windows\system32\bcryptprimitives.dll 0x74BF0000
Library C:\Windows\system32\xwizards.dll 0x61070000
Library C:\Windows\system32\WLanConn.dll 0x60D10000
Library C:\Windows\system32\DEVRTL.dll 0x74CD0000
Library C:\Windows\system32\MPR.dll 0x71D40000
Library C:\Windows\System32\ieframe.dll 0x6D660000
Library C:\Windows\System32\OLEACC.dll 0x73A60000
Library C:\Windows\system32\SearchFolder.dll 0x70660000
Library C:\Windows\System32\StructuredQuery.dll 0x70760000
Library C:\Windows\System32\NaturalLanguage6.dll 0x60B80000
Library C:\Windows\System32\NLSData0007.dll 0x60950000
Library C:\Windows\System32\NLSLexicons0007.dll 0x5FDD0000
Library C:\Windows\system32\thumbcache.dll 0x72CA0000
Library C:\Windows\system32\SFC.DLL 0x72DE0000
Library C:\Windows\system32\sfc_os.DLL 0x72DD0000
Library C:\Windows\System32\UIAnimation.dll 0x72B90000
Library C:\Program Files\Sony\VAIO Gate\VAIOGateDesktopShellExt.dll 0x734C0000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCR90.dll 0x70820000
Library C:\Program Files\Windows Sidebar\sbdrop.dll 0x70800000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll 0x5F990000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamdeu.dll 0x73450000
Library C:\Windows\system32\zipfldr.dll 0x63B60000
Library C:\Program Files\WinRAR\rarext.dll 0x63C50000
Library C:\Windows\system32\MLANG.dll 0x63CE0000
Library C:\Windows\system32\NetworkExplorer.dll 0x6EB10000
Library C:\Windows\system32\twext.dll 0x6D3D0000
Library C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll 0x739E0000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCP90.dll 0x6FA30000
Library C:\Program Files\Avira\AntiVir Desktop\shlext.dll 0x6A0C0000
Library C:\Windows\system32\mfc100u.dll 0x6BDE0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\MSIMG32.dll 0x736B0000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MFC100DEU.DLL 0x71E20000
Library C:\Windows\system32\syncui.dll 0x6A090000
Library C:\Windows\system32\SYNCENG.dll 0x707E0000
Library C:\Windows\system32\acppage.dll 0x734A0000
Library C:\Windows\system32\EhStorAPI.dll 0x638C0000
Library C:\Windows\System32\netprofm.dll 0x6F330000
Library C:\Windows\System32\msxml3.dll 0x6F150000
Library C:\Windows\system32\tquery.dll 0x72710000

Process C:\Windows\system32\atieclxx.exe(2011-07-04 07:44:44) 1464
Library C:\Windows\system32\atieclxx.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\atiadlxx.dll 0x10000000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\SspiCli.dll 0x753B0000

Process C:\Program Files\Sony\VAIO Update\VUAgent.exe(2013-02-13 23:12:37) 1496
Library C:\Program Files\Sony\VAIO Update\VUAgent.exe 0x00EC0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ATL100.DLL 0x6F840000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\WINHTTP.dll 0x6FB40000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\webio.dll 0x6FAF0000
Library C:\Windows\system32\XmlLite.dll 0x73ED0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Program Files\Sony\VAIO Update\VUAgentPS.dll 0x67480000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\wbem\wbemprox.dll 0x70230000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\wbem\fastprox.dll 0x6F520000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000

Process C:\Windows\system32\Dwm.exe(2009-07-13 23:24:23) 1540
Library C:\Windows\system32\Dwm.exe 0x004C0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\UxTheme.dll 0x74230000
Library C:\Windows\system32\IMM32.dll 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\dwmredir.dll 0x71900000
Library C:\Windows\system32\dwmcore.dll 0x717A0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\WindowsCodecs.dll 0x73D40000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\d3d10_1.dll 0x71770000
Library C:\Windows\system32\d3d10_1core.dll 0x716D0000
Library C:\Windows\system32\dxgi.dll 0x71520000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\atiuxpag.dll 0x713B0000
Library C:\Windows\system32\aticfx32.dll 0x71300000
Library C:\Windows\system32\atidxx32.dll 0x70EF0000
Library C:\Windows\system32\uDWM.dll 0x713C0000
Library C:\Windows\system32\slc.dll 0x737E0000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll 0x10000000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000

Process C:\Windows\system32\svchost.exe(2009-07-13 23:19:28) 1584
Library C:\Windows\system32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library c:\windows\system32\wiaservc.dll 0x6F9B0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library c:\windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\wiatrace.dll 0x6FDF0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\msv1_0.DLL 0x74EB0000
Library C:\Windows\system32\cryptdll.dll 0x75140000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000

Process C:\Windows\System32\spoolsv.exe(2010-11-20 21:29:06) 1656
Library C:\Windows\System32\spoolsv.exe 0x00FB0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\System32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\System32\DNSAPI.dll 0x74DD0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\System32\CRYPTBASE.dll 0x75420000
Library C:\Windows\System32\slc.dll 0x737E0000
Library C:\Windows\System32\RpcRtRemote.dll 0x75490000
Library C:\Windows\System32\secur32.dll 0x75390000
Library C:\Windows\System32\SSPICLI.DLL 0x753B0000
Library C:\Windows\System32\credssp.dll 0x74BB0000
Library C:\Windows\System32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\System32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 0x6EF20000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\System32\rasadhlp.dll 0x6EFE0000
Library C:\Windows\System32\fwpuclnt.dll 0x73460000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\umb.dll 0x734D0000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\System32\localspl.dll 0x6BA20000
Library C:\Windows\System32\SPOOLSS.DLL 0x70980000
Library C:\Windows\System32\srvcli.dll 0x75320000
Library C:\Windows\system32\winspool.drv 0x73C90000
Library C:\Windows\System32\PrintIsolationProxy.dll 0x70970000
Library C:\Windows\System32\CNMLMAG.DLL 0x6BAE0000
Library C:\Windows\System32\VERSION.dll 0x74950000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\System32\CNMXLMAG.DLL 0x6B7F0000
Library C:\Windows\System32\CNMNPPM.DLL 0x01CD0000
Library C:\Windows\System32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\System32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\System32\mdimon.dll 0x00380000
Library C:\Windows\System32\msi.dll 0x703B0000
Library C:\Windows\System32\FXSMON.DLL 0x6B460000
Library C:\Windows\System32\tcpmon.dll 0x6B430000
Library C:\Windows\System32\snmpapi.dll 0x6B420000
Library C:\Windows\System32\wsnmp32.dll 0x6B410000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Windows\System32\usbmon.dll 0x6BA10000
Library C:\Windows\system32\wls0wndh.dll 0x6EE00000
Library C:\Windows\System32\WSDMon.dll 0x6B9E0000
Library C:\Windows\System32\wsdapi.dll 0x6FE30000
Library C:\Windows\System32\webservices.dll 0x6FD20000
Library C:\Windows\System32\FirewallAPI.dll 0x74970000
Library C:\Windows\system32\FunDisc.dll 0x6FE00000
Library C:\Windows\system32\fdPnp.dll 0x6B1F0000
Library C:\Windows\system32\WSDCHNGR.DLL 0x6A640000
Library C:\Windows\system32\spool\PRTPROCS\W32X86\winprint.dll 0x6A630000
Library C:\Windows\System32\USERENV.dll 0x74AC0000
Library C:\Windows\System32\profapi.dll 0x754A0000
Library C:\Windows\System32\GPAPI.dll 0x74AA0000
Library C:\Windows\system32\spool\PRTPROCS\W32X86\CNMPDAG.DLL 0x6A620000
Library C:\Windows\system32\spool\PRTPROCS\W32X86\mdippr.dll 0x00950000
Library C:\Windows\System32\dsrole.dll 0x737F0000
Library C:\Windows\System32\win32spl.dll 0x69FC0000
Library C:\Windows\System32\DEVRTL.dll 0x74CD0000
Library C:\Windows\System32\SPINF.dll 0x74AE0000
Library C:\Windows\System32\inetpp.dll 0x69F30000
Library C:\Windows\System32\CRYPTSP.dll 0x74F50000
Library C:\Windows\System32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\System32\cscapi.dll 0x71B10000
Library C:\Windows\System32\netutils.dll 0x73AF0000
Library c:\windows\system32\spool\drivers\w32x86\3\cnmlhag.dll 0x69F10000
Library C:\Windows\system32\IPBusEnumProxy.dll 0x70650000

Process C:\Program Files\Avira\AntiVir Desktop\sched.exe(2013-02-13 08:50:44) 1712
Library C:\Program Files\Avira\AntiVir Desktop\sched.exe 0x00C70000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Program Files\Avira\AntiVir Desktop\grdcore.dll 0x70CC0000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library c:\program files\avira\antivir desktop\cfglib.dll 0x70D20000
Library c:\program files\avira\antivir desktop\gpipc.dll 0x70B90000
Library C:\Windows\system32\MPR.dll 0x71D40000
Library c:\program files\avira\antivir desktop\gpgen.dll 0x70B50000
Library c:\program files\avira\antivir desktop\gpschd.dll 0x70B20000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\WTSAPI32.DLL 0x74960000
Library C:\Windows\system32\rasapi32.dll 0x73970000
Library C:\Windows\system32\rasman.dll 0x73950000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll 0x70C90000
Library C:\Program Files\Avira\AntiVir Desktop\schedr.dll 0x70B10000
Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x70AA0000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\rtutils.dll 0x73940000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll 0x6F800000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\SspiCli.dll 0x753B0000

Process C:\Program Files\Sony\VAIO Event Service\VESMgr.exe(2013-02-13 02:27:15) 1736
Library C:\Program Files\Sony\VAIO Event Service\VESMgr.exe 0x00FB0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ATL100.DLL 0x6F840000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\imagehlp.dll 0x75BD0000
Library C:\Windows\system32\ncrypt.dll 0x75080000
Library C:\Windows\system32\bcrypt.dll 0x75060000
Library C:\Windows\system32\bcryptprimitives.dll 0x74BF0000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\GPAPI.dll 0x74AA0000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\SXS.DLL 0x75430000

Process C:\Windows\system32\taskhost.exe(2013-02-14 10:06:05) 1768
Library C:\Windows\system32\taskhost.exe 0x00F70000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\System32\PlaySndSrv.dll 0x70C60000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\MsCtfMonitor.dll 0x70C50000
Library C:\Windows\system32\MSUTB.dll 0x70E60000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Windows\system32\dimsjob.dll 0x67D20000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\taskschd.dll 0x6FF40000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\System32\netprofm.dll 0x6F330000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\System32\nlaapi.dll 0x73860000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\System32\npmproxy.dll 0x726F0000
Library C:\Windows\system32\dsrole.dll 0x737F0000
Library C:\Windows\system32\MMDevAPI.DLL 0x73F20000
Library C:\Windows\system32\PROPSYS.dll 0x74270000
Library C:\Windows\system32\wdmaud.drv 0x71D60000
Library C:\Windows\system32\ksuser.dll 0x709E0000
Library C:\Windows\system32\AVRT.dll 0x73E40000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\AUDIOSES.DLL 0x6EAD0000
Library C:\Windows\system32\msacm32.drv 0x73D10000
Library C:\Windows\system32\MSACM32.dll 0x73CF0000
Library C:\Windows\system32\midimap.dll 0x73B30000

Process C:\Windows\system32\svchost.exe(2009-07-13 23:19:28) 1820
Library C:\Windows\system32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library c:\windows\system32\bfe.dll 0x70BD0000
Library c:\windows\system32\AUTHZ.dll 0x750C0000
Library c:\windows\system32\slc.dll 0x737E0000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\pcwum.dll 0x74A70000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library c:\windows\system32\mpssvc.dll 0x709F0000
Library c:\windows\system32\FirewallAPI.dll 0x74970000
Library c:\windows\system32\VERSION.dll 0x74950000
Library c:\windows\system32\fwpuclnt.dll 0x73460000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\GPAPI.dll 0x74AA0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\system32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\system32\wfapigp.dll 0x708D0000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library c:\windows\system32\dps.dll 0x6FFC0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\taskschd.dll 0x6FF40000
Library C:\Windows\system32\bcrypt.dll 0x75060000
Library C:\Windows\system32\wdi.dll 0x6E200000
Library C:\Windows\System32\netprofm.dll 0x6F330000
Library C:\Windows\System32\nlaapi.dll 0x73860000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\radardt.dll 0x72DB0000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\System32\npmproxy.dll 0x726F0000
Library C:\Windows\system32\wdiasqmmodule.dll 0x72D90000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshqos.dll 0x6FEF0000
Library C:\Windows\system32\wshtcpip.DLL 0x749F0000
Library C:\Windows\system32\wship6.dll 0x74F00000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000

Process C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(2010-09-21 13:03:14) 1900
Library C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 0x00B60000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\SensApi.dll 0x6F7E0000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll 0x6F7A0000
Library C:\Windows\system32\NETAPI32.dll 0x73B00000
Library C:\Windows\system32\netutils.dll 0x73AF0000
Library C:\Windows\system32\srvcli.dll 0x75320000

Alt 19.02.2013, 23:47   #8
trampeltier
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



GMER Teil 6


Library C:\Windows\system32\wkscli.dll 0x73AE0000
Library C:\Windows\system32\SAMCLI.DLL 0x73AD0000
Library C:\Windows\system32\WINHTTP.dll 0x6FB40000
Library C:\Windows\system32\webio.dll 0x6FAF0000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\wer.dll 0x6F730000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\WinSCard.dll 0x73170000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\System32\msxml3.dll 0x6F150000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\wbem\wbemprox.dll 0x70230000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\dssenh.dll 0x71D90000
Library C:\Windows\system32\wbem\fastprox.dll 0x6F520000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000

Process C:\Windows\system32\taskeng.exe(2010-11-20 21:29:06) 1920
Library C:\Windows\system32\taskeng.exe 0x00BF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\tschannel.dll 0x70C80000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\XmlLite.dll 0x73ED0000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\TaskSchdPS.dll 0x6E020000

Process C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe(2012-12-18 19:08:28) 1964
Library C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 0x01260000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCR90.dll 0x70820000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000

Process C:\Program Files\Windows Media Player\wmpnetwk.exe(2010-11-20 21:29:49) 1988
Library C:\Program Files\Windows Media Player\wmpnetwk.exe 0x00DF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\WSOCK32.dll 0x6B8C0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\wmdrmdev.dll 0x63840000
Library C:\Windows\system32\drmv2clt.dll 0x63740000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\MFPlat.DLL 0x6ECF0000
Library C:\Windows\system32\AVRT.dll 0x73E40000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\upnp.dll 0x63D70000
Library C:\Windows\system32\WINHTTP.dll 0x6FB40000
Library C:\Windows\system32\webio.dll 0x6FAF0000
Library C:\Windows\system32\SSDPAPI.dll 0x6FEE0000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\system32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\system32\wmp.dll 0x627B0000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll 0x740A0000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\wmploc.dll 0x61BA0000
Library C:\Program Files\Internet Explorer\ieproxy.dll 0x63E70000
Library C:\Windows\system32\windowscodecs.dll 0x73D40000
Library C:\Windows\System32\provsvc.dll 0x6D630000
Library C:\Windows\system32\slc.dll 0x737E0000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\NETAPI32.dll 0x73B00000
Library C:\Windows\system32\netutils.dll 0x73AF0000
Library C:\Windows\system32\srvcli.dll 0x75320000
Library C:\Windows\system32\wkscli.dll 0x73AE0000
Library C:\Windows\System32\wmpps.dll 0x63950000
Library C:\Windows\system32\wmpmde.dll 0x61AE0000
Library C:\Windows\system32\HTTPAPI.dll 0x6F7F0000
Library C:\Windows\system32\pcwum.dll 0x74A70000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\system32\BlackBox.dll 0x61A20000
Library C:\Windows\system32\WinSATAPI.dll 0x619C0000
Library C:\Windows\system32\dxgi.dll 0x71520000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Windows\system32\urlmon.dll 0x76F70000
Library C:\Windows\system32\iertutil.dll 0x76BE0000
Library C:\Windows\system32\WININET.dll 0x76E50000
Library C:\Windows\system32\Normaliz.dll 0x75BC0000
Library C:\Windows\system32\PROPSYS.dll 0x74270000
Library C:\Windows\System32\msmpeg2enc.dll 0x618F0000
Library C:\Windows\system32\devenum.dll 0x6B1D0000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Windows\system32\msdmo.dll 0x6A650000
Library C:\Windows\System32\netprofm.dll 0x6F330000
Library C:\Windows\System32\nlaapi.dll 0x73860000
Library C:\Windows\System32\npmproxy.dll 0x726F0000
Library C:\Windows\system32\upnphost.dll 0x618A0000
Library C:\Windows\system32\wbem\wbemprox.dll 0x70230000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\wbem\fastprox.dll 0x6F520000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000
Library C:\Windows\system32\GPAPI.dll 0x74AA0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\System32\msxml3.dll 0x6F150000
Library C:\Windows\system32\DNSAPI.dll 0x74DD0000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000
Library C:\Windows\system32\XmlLite.dll 0x73ED0000
Library C:\Windows\system32\LINKINFO.dll 0x71490000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\NetworkExplorer.dll 0x6EB10000
Library C:\Windows\system32\MPR.dll 0x71D40000
Library C:\Windows\System32\drprov.dll 0x63940000
Library C:\Windows\System32\ntlanman.dll 0x63390000
Library C:\Windows\System32\davclnt.dll 0x63370000
Library C:\Windows\System32\DAVHLPR.dll 0x63930000
Library C:\Windows\system32\AUTHZ.dll 0x750C0000
Library C:\Windows\system32\dsrole.dll 0x737F0000
Library C:\Windows\system32\SAMLIB.dll 0x74480000
Library C:\Windows\system32\FirewallAPI.dll 0x74970000

Process C:\Windows\System32\svchost.exe(2009-07-13 23:19:28) 1992
Library C:\Windows\System32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library c:\windows\system32\pnrpsvc.dll 0x5F650000
Library C:\Windows\System32\USERENV.dll 0x74AC0000
Library C:\Windows\System32\profapi.dll 0x754A0000
Library C:\Windows\System32\GPAPI.dll 0x74AA0000
Library C:\Windows\System32\CRYPTBASE.dll 0x75420000
Library C:\Windows\System32\secur32.dll 0x75390000
Library C:\Windows\System32\SSPICLI.DLL 0x753B0000
Library C:\Windows\System32\credssp.dll 0x74BB0000
Library C:\Windows\System32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\system32\user32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\System32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\System32\WINNSI.DLL 0x735F0000
Library C:\Windows\System32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\System32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\System32\sqmapi.dll 0x6F650000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\System32\SSDPAPI.DLL 0x6FEE0000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\System32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\System32\ncrypt.dll 0x75080000
Library C:\Windows\System32\bcrypt.dll 0x75060000
Library c:\windows\system32\p2psvc.dll 0x5F2B0000
Library c:\windows\system32\P2PGRAPH.dll 0x5F250000
Library c:\windows\system32\ESENT.dll 0x6E220000
Library c:\windows\system32\slc.dll 0x737E0000
Library c:\windows\system32\XmlLite.dll 0x73ED0000
Library C:\Windows\system32\psapi.dll 0x77470000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\System32\AUTHZ.dll 0x750C0000
Library C:\Windows\system32\pnrpnsp.dll 0x61050000
Library C:\Windows\System32\rasadhlp.dll 0x6EFE0000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\schannel.DLL 0x74D60000
Library C:\Windows\System32\drttransport.dll 0x734B0000
Library C:\Windows\System32\drt.dll 0x673B0000
Library C:\Windows\System32\pcwum.dll 0x74A70000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000

Process C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe(2011-05-24 22:17:32) 2008
Library C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe 0x002D0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 0x70390000
Library C:\Windows\system32\Wlanapi.dll 0x70340000
Library C:\Windows\system32\wlanutil.dll 0x731A0000
Library C:\Windows\SYSTEM32\MSCOREE.DLL 0x702F0000
Library C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 0x70280000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Windows\system32\wbem\wbemprox.dll 0x70230000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\wbem\fastprox.dll 0x6F520000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000
Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\WINSTA.dll 0x74B50000

Process C:\Program Files\Avira\AntiVir Desktop\avguard.exe(2013-02-13 08:50:33) 2044
Library C:\Program Files\Avira\AntiVir Desktop\avguard.exe 0x00140000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Program Files\Avira\AntiVir Desktop\grdcore.dll 0x70CC0000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library c:\program files\avira\antivir desktop\cfglib.dll 0x70D20000
Library c:\program files\avira\antivir desktop\gpgen.dll 0x70B50000
Library c:\program files\avira\antivir desktop\gpgrd.dll 0x70380000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library c:\program files\avira\antivir desktop\gpipc.dll 0x70B90000
Library C:\Windows\system32\MPR.dll 0x71D40000
Library c:\program files\avira\antivir desktop\gpavgio.dll 0x701A0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\NETAPI32.dll 0x73B00000
Library C:\Windows\system32\netutils.dll 0x73AF0000
Library C:\Windows\system32\srvcli.dll 0x75320000
Library C:\Windows\system32\wkscli.dll 0x73AE0000
Library C:\Windows\system32\LOGONCLI.DLL 0x74DA0000
Library C:\Windows\system32\BROWCLI.DLL 0x70070000
Library C:\Windows\system32\ACTIVEDS.dll 0x70030000
Library C:\Windows\system32\adsldpc.dll 0x6FFF0000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library c:\program files\avira\antivir desktop\gpgui.dll 0x6FF20000
Library c:\program files\avira\antivir desktop\gplegacy.dll 0x6FF10000
Library c:\program files\avira\antivir desktop\gpgenrep.dll 0x6FEC0000
Library c:\program files\avira\antivir desktop\onlcfg.dll 0x6FEB0000
Library C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll 0x70C90000
Library C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll 0x70240000
Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x70AA0000
Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll 0x6F800000
Library C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL 0x6F710000
Library C:\Windows\system32\FLTLIB.DLL 0x6F600000
Library c:\program files\avira\antivir desktop\avpref.dll 0x6F5F0000
Library c:\program files\avira\antivir desktop\avesvc.dll 0x72A70000
Library c:\program files\avira\antivir desktop\avesvcr.dll 0x72A60000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library c:\program files\avira\antivir desktop\avreg.dll 0x729B0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Program Files\Avira\AntiVir Desktop\aecore.dll 0x67330000
Library C:\Program Files\Avira\AntiVir Desktop\aevdf.dll 0x10000000
Library C:\Program Files\Avira\AntiVir Desktop\aescript.dll 0x00810000
Library C:\Program Files\Avira\AntiVir Desktop\aescn.dll 0x008C0000
Library C:\Program Files\Avira\AntiVir Desktop\aesbx.dll 0x008F0000
Library C:\Program Files\Avira\AntiVir Desktop\aerdl.dll 0x00E80000
Library C:\Program Files\Avira\AntiVir Desktop\aepack.dll 0x5F020000
Library C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll 0x00CF0000
Library C:\Program Files\Avira\AntiVir Desktop\aeheur.dll 0x07140000
Library C:\Program Files\Avira\AntiVir Desktop\aehelp.dll 0x00F80000
Library C:\Program Files\Avira\AntiVir Desktop\aegen.dll 0x014E0000
Library C:\Program Files\Avira\AntiVir Desktop\aeexp.dll 0x00990000
Library C:\Program Files\Avira\AntiVir Desktop\aeemu.dll 0x015A0000
Library C:\Program Files\Avira\AntiVir Desktop\aebb.dll 0x00890000

Process C:\Program Files\Sony\VAIO Care\listener.exe(2013-02-13 03:28:44) 2056
Library C:\Program Files\Sony\VAIO Care\listener.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCP90.dll 0x6FA30000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCR90.dll 0x70820000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000

Process C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe(2009-07-14 00:35:50) 2060
Library C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 0x00C10000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\SYSTEM32\MSCOREE.DLL 0x702F0000
Library C:\Windows\system32\KERNEL32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 0x70280000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 0x6C220000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d09196c24426e2d4\MSVCR80.dll 0x6BB30000
Library C:\Windows\system32\shell32.dll 0x75EC0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll 0x6A660000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll 0x69760000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\4887489f50210be650432a982d01800f\PresentationFontCache.ni.exe 0x73060000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll 0x66950000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll 0x66D00000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll 0x65D50000
Library C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll 0x67820000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\shfolder.dll 0x6E000000
Library C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll 0x6ECB0000

Process C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe(2013-02-13 02:27:15) 2172
Library C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe 0x00A10000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ATL100.DLL 0x6F840000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\IMM32.dll 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll 0x6F070000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Program Files\Sony\VAIO Event Service\VESStorageProtect.dll 0x6EFF0000
Library C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll 0x6EFD0000
Library C:\Program Files\Sony\VAIO Event Service\VESUSBKeyboard.dll 0x6EF70000
Library C:\Windows\system32\HID.DLL 0x73F60000
Library C:\Program Files\Sony\VAIO Event Service\VESSuEvent.dll 0x6EF50000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Program Files\Sony\VAIO Event Service\VESTransform.dll 0x73AA0000
Library C:\Program Files\Common Files\Sony Shared\Sony Utilities\SonyInfo.dll 0x6EE90000
Library C:\Program Files\Sony\VAIO Improvement\viaggregator.dll 0x6EFC0000
Library C:\Program Files\Sony\VAIO Event Service\VESPerform.dll 0x6EEC0000
Library C:\Windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Program Files\Sony\VAIO Event Service\VESRemoteKey.dll 0x6EEA0000
Library C:\Windows\system32\WINSTA.dll 0x74B50000

Process C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe(2013-02-13 02:27:15) 2184
Library C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe 0x00A10000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ATL100.DLL 0x6F840000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\IMM32.dll 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll 0x6F070000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Program Files\Sony\VAIO Event Service\VESWndMsg.dll 0x6EF00000
Library C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll 0x6EFD0000
Library C:\Program Files\Sony\VAIO Event Service\VESPerform.dll 0x6EEC0000
Library C:\Windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Program Files\Sony\VAIO Event Service\VESRemoteKey.dll 0x6EEA0000
Library C:\Windows\system32\HID.DLL 0x73F60000
Library C:\Program Files\Common Files\Sony Shared\Sony Utilities\SonyInfo.dll 0x6EE90000
Library C:\Program Files\Sony\VAIO Improvement\viaggregator.dll 0x6EFC0000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Program Files\Sony\VAIO Event Service\VESCommonUI.dll 0x6EE40000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll 0x740A0000
Library C:\Program Files\Sony\VAIO Event Service\VESAppMon.dll 0x6EE20000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Program Files\Sony\VAIO Event Service\VESWndMsgHook.dll 0x6EE10000
Library C:\Windows\System32\MMDevApi.dll 0x73F20000
Library C:\Windows\System32\PROPSYS.dll 0x74270000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Windows\system32\wbem\wbemprox.dll 0x70230000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\wbem\fastprox.dll 0x6F520000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000
Library C:\Windows\system32\WindowsCodecs.dll 0x73D40000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\wdmaud.drv 0x71D60000
Library C:\Windows\system32\ksuser.dll 0x709E0000
Library C:\Windows\system32\AVRT.dll 0x73E40000
Library C:\Windows\system32\AUDIOSES.DLL 0x6EAD0000
Library C:\Windows\system32\msacm32.drv 0x73D10000
Library C:\Windows\system32\MSACM32.dll 0x73CF0000
Library C:\Windows\system32\midimap.dll 0x73B30000
Library C:\Windows\system32\imagehlp.dll 0x75BD0000
Library C:\Windows\system32\ncrypt.dll 0x75080000
Library C:\Windows\system32\bcrypt.dll 0x75060000
Library C:\Windows\system32\bcryptprimitives.dll 0x74BF0000
Library C:\Windows\system32\GPAPI.dll 0x74AA0000
Library C:\Windows\system32\apphelp.dll 0x753D0000

Process C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(2010-09-21 13:03:14) 2312
Library C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe 0x00C70000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000


Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000

Process C:\Windows\system32\DllHost.exe(2009-07-13 23:43:52) 2400
Library C:\Windows\system32\DllHost.exe 0x00390000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Program Files\Common Files\Sony Shared\Sony Utilities\SSLProxyCOM.dll 0x6EDD0000
Library C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll 0x6F070000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Windows\system32\SXS.DLL 0x75430000

Process C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe(2010-07-29 17:45:48) 2432
Library C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll 0x10000000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.5592_none_cbf62b764709d1c9\MFC80.DLL 0x6B8D0000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d09196c24426e2d4\MSVCR80.dll 0x6BB30000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll 0x001D0000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\msi.dll 0x703B0000

Alt 19.02.2013, 23:49   #9
trampeltier
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



GMER Teil 7



Library C:\Windows\system32\irprops.cpl 0x6B290000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\WSOCK32.dll 0x6B8C0000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll 0x740A0000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\WINSPOOL.DRV 0x73C90000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000
Library C:\Windows\system32\bthprops.cpl 0x73BE0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll 0x01D90000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll 0x01DF0000
Library C:\Windows\system32\MAPI32.dll 0x6A600000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll 0x02350000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll 0x023B0000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\Wtsapi32.dll 0x74960000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshBth.dll 0x6B160000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll 0x72070000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\propsys.dll 0x74270000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000

Process C:\Windows\system32\DllHost.exe(2009-07-13 23:43:52) 2472
Library C:\Windows\system32\DllHost.exe 0x00390000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\wls0wndh.dll 0x6EE00000
Library C:\Program Files\Sony\VAIO Control Center\CommonSetting.dll 0x6ED90000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Windows\System32\msxml6.dll 0x719A0000
Library C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll 0x6F070000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000

Process C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(2010-09-28 14:33:02) 2568
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 0x01120000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\SYSTEM32\MSCOREE.DLL 0x702F0000
Library C:\Windows\system32\KERNEL32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 0x70280000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 0x6C220000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d09196c24426e2d4\MSVCR80.dll 0x6BB30000
Library C:\Windows\system32\shell32.dll 0x75EC0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll 0x6A660000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll 0x69F60000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll 0x69760000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll 0x695D0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll 0x689F0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll 0x6E710000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll 0x72B60000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll 0x72A50000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll 0x6E600000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll 0x72B50000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll 0x6E0C0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll 0x72B30000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll 0x72EB0000
Library C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll 0x72AA0000
Library C:\Windows\system32\shfolder.dll 0x6E000000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll 0x73740000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll 0x6D460000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll 0x6CE60000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll 0x67CD0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll 0x66900000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll 0x67C70000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll 0x67C40000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll 0x67C60000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll 0x72BD0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll 0x72C10000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll 0x72C00000
Library C:\Windows\system32\atiadlxx.dll 0x10000000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll 0x72BF0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll 0x72BC0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll 0x72BB0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll 0x6EA00000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll 0x6E9F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll 0x6E9C0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll 0x6E9B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll 0x6E9A0000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll 0x042B0000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll 0x740A0000
Library C:\Windows\system32\ATIDEMGX.dll 0x6E750000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll 0x6E990000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll 0x6D530000
Library C:\Windows\system32\atipdlxx.dll 0x04BF0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll 0x6E820000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll 0x6E940000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll 0x6E930000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll 0x6E740000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll 0x6E730000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll 0x6E720000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll 0x6E700000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll 0x66D00000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll 0x6E620000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll 0x6E6F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll 0x6E580000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll 0x6E570000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll 0x6E560000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll 0x6D4F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll 0x6E540000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll 0x6E530000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll 0x6E5F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll 0x6E5D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll 0x6D4D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll 0x6E5C0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll 0x6D4C0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll 0x6D4B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll 0x6D490000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll 0x6D480000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll 0x6D430000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll 0x6D470000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll 0x6D420000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll 0x6D410000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll 0x6D400000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll 0x6CE40000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll 0x6CE50000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll 0x67D10000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll 0x67D00000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll 0x67CF0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll 0x67CC0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll 0x67CB0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll 0x67CA0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll 0x67C90000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.shared.dll 0x67C20000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll 0x67C80000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll 0x67C50000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll 0x67C10000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll 0x67C00000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll 0x67BF0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll 0x67BE0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll 0x67BD0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll 0x67BC0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.Implementation.dll 0x67BB0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 0x67B90000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\msv1_0.DLL 0x74EB0000
Library C:\Windows\system32\cryptdll.dll 0x75140000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll 0x67B40000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.de_Localization.dll 0x67B00000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll 0x6E9E0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll 0x6E970000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll 0x6E9D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll 0x6E920000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll 0x6E910000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll 0x6E900000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll 0x6E8F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll 0x6E8E0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll 0x6E8C0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll 0x6E8B0000
Library C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll 0x67E30000
Library C:\Windows\system32\sxs.dll 0x75430000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll 0x67EA0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll 0x6E8A0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll 0x6E890000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll 0x07540000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll 0x6E880000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll 0x6E870000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll 0x67E20000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll 0x65D50000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a013e3b347de5b1b608daebdff0d46c0\PresentationFramework.ni.dll 0x64F90000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll 0x679D0000
Library C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll 0x67820000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll 0x67DB0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll 0x67D80000
Library C:\Windows\system32\WindowsCodecs.dll 0x73D40000
Library C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll 0x67D70000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll 0x674B0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll 0x67240000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll 0x674A0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll 0x67040000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll 0x66CA0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 0x66C50000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll 0x67490000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Dashboard.dll 0x669F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll 0x07F40000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll 0x677F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll 0x677E0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll 0x677D0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll 0x67690000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll 0x67680000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll 0x67670000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll 0x67650000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll 0x67640000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll 0x67630000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll 0x675E0000
Library C:\Windows\system32\d3d9.dll 0x64DC0000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\d3d8thk.dll 0x675D0000
Library C:\Windows\system32\aticfx32.dll 0x71300000
Library C:\Windows\system32\atiu9pag.dll 0x67570000
Library C:\Windows\system32\atiumdag.dll 0x64560000
Library C:\Windows\system32\atiumdva.dll 0x649E0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll 0x73070000
Library C:\Windows\system32\urlmon.dll 0x76F70000
Library C:\Windows\system32\iertutil.dll 0x76BE0000
Library C:\Windows\system32\WININET.dll 0x76E50000
Library C:\Windows\system32\Normaliz.dll 0x75BC0000
Library C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll 0x67530000
Library C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll 0x674F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll 0x669D0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll 0x64320000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll 0x66990000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll 0x66910000
Library C:\Windows\system32\PresentationNative_v0300.dll 0x64260000
Library C:\Windows\system32\msctfui.dll 0x66930000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll 0x640F0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll 0x6ECC0000

Process C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe(2013-02-13 23:12:37) 2624
Library C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe 0x011C0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\mfc100u.dll 0x6BDE0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll 0x744C0000
Library C:\Windows\system32\MSIMG32.dll 0x736B0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\XmlLite.dll 0x73ED0000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll 0x740A0000
Library C:\Windows\system32\RASAPI32.dll 0x73970000
Library C:\Windows\system32\rasman.dll 0x73950000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\UxTheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\MFC100DEU.DLL 0x71E20000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\wbem\wbemprox.dll 0x70230000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\wbem\fastprox.dll 0x6F520000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Program Files\Sony\VAIO Update\VUAgentPS.dll 0x67480000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Program Files\Sony\VAIO Improvement\viaggregator.dll 0x6EFC0000
Library C:\Windows\system32\taskschd.dll 0x6FF40000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\wuapi.dll 0x633E0000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\Cabinet.dll 0x63A50000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\wups.dll 0x6F040000
Library C:\Program Files\Sony\VAIO Update\InternetWrapperPS.dll 0x6A0F0000
Library C:\Windows\system32\rtutils.dll 0x73940000
Library C:\Windows\system32\wwanapi.dll 0x6E7D0000
Library C:\Windows\system32\wwapi.dll 0x72DA0000

Process C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(2010-11-01 13:21:30) 2852
Library C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\NETAPI32.dll 0x73B00000
Library C:\Windows\system32\netutils.dll 0x73AF0000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\srvcli.dll 0x75320000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\wkscli.dll 0x73AE0000
Library C:\Windows\system32\SAMCLI.DLL 0x73AD0000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\comdlg32.dll 0x75B40000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll 0x72070000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\SynCOM.dll 0x10000000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\System32\MMDevApi.dll 0x73F20000
Library C:\Windows\System32\PROPSYS.dll 0x74270000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\urlmon.dll 0x76F70000
Library C:\Windows\system32\iertutil.dll 0x76BE0000
Library C:\Windows\system32\WININET.dll 0x76E50000
Library C:\Windows\system32\Normaliz.dll 0x75BC0000
Library C:\Windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\MPR.dll 0x71D40000
Library C:\Windows\system32\AUDIOSES.DLL 0x6EAD0000
Library C:\Windows\system32\SynTPAPI.dll 0x63010000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\SAMLIB.dll 0x74480000

Process C:\Program Files\Sony\ISB Utility\ISBMgr.exe(2013-02-13 02:26:47) 2860
Library C:\Program Files\Sony\ISB Utility\ISBMgr.exe 0x003B0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\MSIMG32.dll 0x736B0000
Library C:\Windows\system32\COMDLG32.dll 0x75B40000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll 0x72070000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\WINSPOOL.DRV 0x73C90000
Library C:\Windows\system32\oledlg.dll 0x70360000
Library C:\Windows\system32\OLEACC.dll 0x73A60000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll 0x740A0000
Library C:\Windows\system32\IMM32.dll 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000
Library C:\Windows\system32\wtsapi32.dll 0x74960000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll 0x6F070000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000

Process C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(2010-08-23 15:11:04) 2964
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 0x00280000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\SYSTEM32\MSCOREE.DLL 0x702F0000
Library C:\Windows\system32\KERNEL32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 0x70280000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 0x6C220000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d09196c24426e2d4\MSVCR80.dll 0x6BB30000
Library C:\Windows\system32\shell32.dll 0x75EC0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll 0x6A660000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll 0x69F60000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll 0x69760000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll 0x695D0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll 0x689F0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll 0x73740000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll 0x72B60000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll 0x72B50000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll 0x72B30000
Library C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll 0x72AA0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll 0x72A50000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\wtsapi32.dll 0x74960000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll 0x6E0C0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll 0x72EB0000
Library C:\Windows\system32\shfolder.dll 0x6E000000
Library C:\Windows\system32\PROPSYS.dll 0x74270000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\System32\ieframe.dll 0x6D660000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\System32\OLEACC.dll 0x73A60000
Library C:\Windows\system32\iertutil.dll 0x76BE0000
Library C:\Windows\system32\urlmon.dll 0x76F70000
Library C:\Windows\system32\WININET.dll 0x76E50000
Library C:\Windows\system32\Normaliz.dll 0x75BC0000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll 0x67EA0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll 0x6E710000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll 0x72C00000
Library C:\Windows\system32\version.dll 0x74950000

Process C:\Windows\system32\taskeng.exe(2010-11-20 21:29:06) 3016
Library C:\Windows\system32\taskeng.exe 0x00BF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\tschannel.dll 0x70C80000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\XmlLite.dll 0x73ED0000
Library C:\Windows\system32\apphelp.dll 0x753D0000

Process C:\Program Files\Sony\VAIO Care\VCsystray.exe(2013-02-13 03:28:44) 3128
Library C:\Program Files\Sony\VAIO Care\VCsystray.exe 0x010E0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\SYSTEM32\MSCOREE.DLL 0x702F0000
Library C:\Windows\system32\KERNEL32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 0x70280000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 0x6C220000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d09196c24426e2d4\MSVCR80.dll 0x6BB30000
Library C:\Windows\system32\shell32.dll 0x75EC0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll 0x6A660000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll 0x69F60000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll 0x69760000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Program Files\Sony\VAIO Care\VCUtility.dll 0x6F050000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll 0x59770000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll 0x695D0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll 0x689F0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll 0x6CE60000
Library C:\Program Files\Sony\VAIO Care\KeyUtilities.dll 0x6EF90000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll 0x64320000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\sxs.dll 0x75430000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll 0x63BC0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll 0x6D530000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll 0x5BB40000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll 0x67EA0000
Library C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll 0x72AA0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll 0x5C350000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll 0x5C1A0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll 0x5BA30000
Library C:\Windows\system32\security.dll 0x5B850000
Library C:\Windows\system32\SECUR32.DLL 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\msv1_0.DLL 0x74EB0000
Library C:\Windows\system32\cryptdll.dll 0x75140000
Library C:\Program Files\Sony\VAIO Care\Metrics.dll 0x5B7A0000
Library C:\Windows\system32\psapi.dll 0x77470000
Library C:\Program Files\Sony\VAIO Gate\VAIOGateNotifications.dll 0x59180000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCR90.dll 0x70820000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll 0x740A0000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll 0x10000000
Library C:\Program Files\Sony\VAIO Gate\VGDam.dll 0x72C20000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCP90.dll 0x6FA30000
Library C:\Windows\System32\msxml6.dll 0x719A0000

Process C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe(2010-11-26 23:55:42) 3132
Library C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe 0x00EF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCP90.dll 0x6FA30000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCR90.dll 0x70820000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll 0x744C0000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\propsys.dll 0x74270000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Program Files\Sony\PMB\XpStorageDevice_WinXp2k.dll 0x71E00000
Library C:\Windows\system32\WININET.dll 0x76E50000
Library C:\Windows\system32\Normaliz.dll 0x75BC0000
Library C:\Windows\system32\iertutil.dll 0x76BE0000
Library C:\Windows\system32\urlmon.dll 0x76F70000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL 0x00550000
Library C:\Windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Program Files\Sony\PMB\PMBVolumeWatcherLOC.DLL 0x10000000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\devenum.dll 0x6B1D0000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\msdmo.dll 0x6A650000
Library C:\Windows\system32\PortableDeviceApi.dll 0x71FE0000

Process C:\Program Files\Avira\AntiVir Desktop\avgnt.exe(2013-02-13 08:50:33) 3140
Library C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 0x00E70000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\mfc100u.dll 0x6BDE0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll 0x744C0000
Library C:\Windows\system32\MSIMG32.dll 0x736B0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000

Alt 19.02.2013, 23:50   #10
trampeltier
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



GMER Teil 8


Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll 0x740A0000
Library C:\Windows\system32\NETAPI32.dll 0x73B00000
Library C:\Windows\system32\netutils.dll 0x73AF0000
Library C:\Windows\system32\srvcli.dll 0x75320000
Library C:\Windows\system32\wkscli.dll 0x73AE0000
Library C:\Windows\system32\LOGONCLI.DLL 0x74DA0000
Library C:\Windows\system32\BROWCLI.DLL 0x70070000
Library C:\Windows\system32\ACTIVEDS.dll 0x70030000
Library C:\Windows\system32\adsldpc.dll 0x6FFF0000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library C:\Windows\system32\WININET.dll 0x76E50000
Library C:\Windows\system32\Normaliz.dll 0x75BC0000
Library C:\Windows\system32\iertutil.dll 0x76BE0000
Library C:\Windows\system32\urlmon.dll 0x76F70000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\UxTheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\MFC100DEU.DLL 0x71E20000
Library C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll 0x6BC40000
Library C:\Windows\system32\WINHTTP.dll 0x6FB40000
Library C:\Windows\system32\webio.dll 0x6FAF0000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library c:\program files\avira\antivir desktop\cfglib.dll 0x70D20000
Library c:\program files\avira\antivir desktop\ccguard.dll 0x6BBD0000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library c:\program files\avira\antivir desktop\ccgrdrc.dll 0x70960000
Library c:\program files\avira\antivir desktop\ccgrdw.dll 0x6ED50000
Library C:\Program Files\Avira\AntiVir Desktop\grdcore.dll 0x70CC0000
Library c:\program files\avira\antivir desktop\gpipc.dll 0x70B90000
Library C:\Windows\system32\MPR.dll 0x71D40000
Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll 0x6F800000
Library c:\program files\avira\antivir desktop\ccwgrd.dll 0x6B840000
Library C:\Windows\system32\SAMCLI.DLL 0x73AD0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library c:\program files\avira\antivir desktop\ccgen.dll 0x6B720000
Library c:\program files\avira\antivir desktop\ccgenrc.dll 0x70950000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library c:\program files\avira\antivir desktop\ccupdate.dll 0x6B490000
Library c:\program files\avira\antivir desktop\ccupdrc.dll 0x6ECE0000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library c:\program files\avira\antivir desktop\cclic.dll 0x6B470000
Library c:\program files\avira\antivir desktop\cclicrc.dll 0x6ECD0000
Library c:\program files\avira\antivir desktop\ccmsg.dll 0x6B190000
Library c:\program files\avira\antivir desktop\ccmsgrc.dll 0x6B180000
Library C:\Windows\system32\wtsapi32.dll 0x74960000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library c:\program files\avira\antivir desktop\ccmainrc.dll 0x6B170000
Library C:\Program Files\Avira\AntiVir Desktop\rcimage.dll 0x6A170000
Library C:\Windows\system32\WindowsCodecs.dll 0x73D40000
Library C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll 0x72AF0000
Library C:\Windows\system32\PROPSYS.dll 0x74270000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\DEVRTL.dll 0x74CD0000

Process C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE(2013-02-13 15:44:37) 3148
Library C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\WINSPOOL.DRV 0x73C90000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Program Files\Canon\MyPrinter\BJMyRes.dll 0x10000000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\dwmapi.dll 0x73F00000

Process C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe(2013-02-13 15:50:12) 3156
Library C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll 0x744C0000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\WINSPOOL.DRV 0x73C90000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Program Files\Canon\Canon IJ Network Scan Utility\CNSU_DEU.DLL 0x10000000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\CNMNPPM.DLL 0x00320000
Library C:\Windows\system32\iphlpapi.dll 0x73600000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\system32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll 0x00380000
Library C:\Windows\system32\PSAPI.DLL 0x77470000

Process C:\Windows\system32\wbem\wmiprvse.exe(2010-11-20 21:29:20) 3228
Library C:\Windows\system32\wbem\wmiprvse.exe 0x00110000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\wbemcomn.dll 0x6FCC0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\wbem\FastProx.dll 0x6F520000
Library C:\Windows\system32\NTDSAPI.dll 0x6F500000
Library C:\Windows\system32\NCObjAPI.DLL 0x73710000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\wbem\wbemsvc.dll 0x6F3D0000
Library C:\Windows\system32\wbem\wmiutils.dll 0x6F390000
Library C:\Windows\system32\wbem\wmiprov.dll 0x6B4E0000

Process C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe(2010-07-29 17:45:48) 3264
Library C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btwapi.dll 0x10000000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\msi.dll 0x703B0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.5592_none_cbf62b764709d1c9\MFC80.DLL 0x6B8D0000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d09196c24426e2d4\MSVCR80.dll 0x6BB30000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll 0x001D0000
Library C:\Windows\system32\RASAPI32.dll 0x73970000
Library C:\Windows\system32\rasman.dll 0x73950000
Library C:\Windows\system32\WINMM.dll 0x70910000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.DLL 0x00320000
Library C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.5592_none_cbf62b764709d1c9\MFC80U.DLL 0x6B300000
Library C:\Windows\system32\irprops.cpl 0x6B290000
Library C:\Windows\system32\WSOCK32.dll 0x6B8C0000
Library C:\Windows\system32\COMDLG32.dll 0x75B40000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll 0x744C0000
Library C:\Windows\system32\WINSPOOL.DRV 0x73C90000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d09196c24426e2d4\MSVCP80.dll 0x6B200000
Library C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll 0x003D0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\bthprops.cpl 0x73BE0000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll 0x02130000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshBth.dll 0x6B160000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll 0x019C0000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\hid.dll 0x73F60000
Library C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.DLL 0x01A10000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\SXS.DLL 0x75430000

Process C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe(2013-02-13 03:28:23) 3500
Library C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe 0x00810000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll 0x740A0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Program Files\Sony\VAIO Improvement\viaggregator.dll 0x6EFC0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Windows\system32\shell32.dll 0x75EC0000
Library C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll 0x10000000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\Wlanapi.dll 0x70340000
Library C:\Windows\system32\wlanutil.dll 0x731A0000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\DNSAPI.dll 0x74DD0000
Library C:\Windows\system32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\WindowsCodecs.dll 0x73D40000

Process C:\Windows\System32\svchost.exe(2009-07-13 23:19:28) 3580
Library C:\Windows\System32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library c:\program files\windows defender\mpsvc.dll 0x639A0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\sfc.dll 0x72DE0000
Library C:\Windows\system32\sfc_os.DLL 0x72DD0000
Library c:\program files\windows defender\MpClient.dll 0x63A90000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\System32\GPAPI.dll 0x74AA0000
Library C:\Windows\System32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\System32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\imagehlp.dll 0x75BD0000
Library C:\Windows\System32\bcrypt.dll 0x75060000
Library C:\Windows\system32\bcryptprimitives.dll 0x74BF0000
Library C:\Windows\System32\ncrypt.dll 0x75080000
Library c:\program files\windows defender\mprtp.dll 0x633B0000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\System32\tdh.dll 0x72E10000
Library C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EABD79DF-CE62-4DF3-A5FF-34F99448C5CA}\mpengine.dll 0x610F0000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\System32\secur32.dll 0x75390000
Library C:\Windows\System32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\System32\SSPICLI.DLL 0x753B0000
Library C:\Windows\System32\credssp.dll 0x74BB0000
Library C:\Windows\System32\RpcRtRemote.dll 0x75490000
Library C:\Windows\System32\wscapi.dll 0x649B0000
Library C:\Windows\system32\urlmon.dll 0x76F70000
Library C:\Windows\system32\iertutil.dll 0x76BE0000
Library C:\Windows\system32\WININET.dll 0x76E50000
Library C:\Windows\system32\Normaliz.dll 0x75BC0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\System32\XmlLite.dll 0x73ED0000
Library C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EABD79DF-CE62-4DF3-A5FF-34F99448C5CA}\offreg.dll 0x73760000

Process C:\Program Files\Avira\AntiVir Desktop\avshadow.exe(2013-02-13 08:50:35) 3808
Library C:\Program Files\Avira\AntiVir Desktop\avshadow.exe 0x001E0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\VSSAPI.DLL 0x70080000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\VssTrace.DLL 0x6FF00000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll 0x6F800000

Process C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe(2013-02-13 03:06:03) 3820
Library C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll 0x72070000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\WINSPOOL.DRV 0x73C90000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\ArcSoftKsUFilter.dll 0x10000000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000

Process C:\Windows\system32\SearchIndexer.exe(2009-07-14 00:14:13) 3904
Library C:\Windows\system32\SearchIndexer.exe 0x00680000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\TQUERY.DLL 0x72710000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\MSSRCH.DLL 0x6E3D0000
Library C:\Windows\system32\ESENT.dll 0x6E220000
Library C:\Windows\system32\IMM32.dll 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\psapi.dll 0x77470000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\Msidle.dll 0x72700000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\mssprxy.dll 0x6E1B0000
Library C:\Windows\system32\propsys.dll 0x74270000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\VSSAPI.DLL 0x70080000
Library C:\Windows\system32\ATL.DLL 0x73800000
Library C:\Windows\system32\VssTrace.DLL 0x6FF00000
Library C:\Windows\system32\samcli.dll 0x73AD0000
Library C:\Windows\system32\SAMLIB.dll 0x74480000
Library C:\Windows\system32\netutils.dll 0x73AF0000
Library C:\Windows\system32\es.dll 0x736C0000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Windows\System32\NaturalLanguage6.dll 0x60B80000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\elscore.dll 0x60CF0000
Library C:\Windows\system32\ElsLad.dll 0x5FD40000
Library C:\Windows\System32\NLSData0007.dll 0x60950000
Library C:\Windows\System32\NLSLexicons0007.dll 0x5FDD0000

Process C:\Windows\system32\taskeng.exe(2010-11-20 21:29:06) 3920
Library C:\Windows\system32\taskeng.exe 0x00BF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\tschannel.dll 0x70C80000
Library C:\Windows\system32\XmlLite.dll 0x73ED0000
Library C:\Windows\system32\apphelp.dll 0x753D0000

Process C:\Program Files\Sony\VAIO Smart Network\VSNService.exe(2013-02-13 03:28:23) 3944
Library C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 0x00C40000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\MSVCP100.dll 0x70DF0000
Library C:\Windows\system32\MSVCR100.dll 0x70D30000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll 0x6F070000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\Wlanapi.dll 0x70340000
Library C:\Windows\system32\wlanutil.dll 0x731A0000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\apphelp.dll 0x753D0000
Library C:\Windows\system32\mssprxy.dll 0x6E1B0000
Library C:\Windows\system32\bthprops.cpl 0x73BE0000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll 0x744C0000

Alt 19.02.2013, 23:51   #11
trampeltier
 
Trojaner - es ist einfach nur langsam! - Standard

Trojaner - es ist einfach nur langsam!



Library C:\Windows\system32\WININET.dll 0x76E50000
Library C:\Windows\system32\Normaliz.dll 0x75BC0000
Library C:\Windows\system32\iertutil.dll 0x76BE0000
Library C:\Windows\system32\urlmon.dll 0x76F70000
Library C:\Windows\system32\Secur32.dll 0x75390000
Library C:\Windows\system32\ntmarta.dll 0x73910000
Library C:\Windows\system32\WLDAP32.dll 0x75D30000
Library C:\Windows\system32\WS2_32.dll 0x75830000
Library C:\Windows\system32\dnsapi.DLL 0x74DD0000
Library C:\Windows\system32\RASAPI32.dll 0x73970000
Library C:\Windows\system32\rasman.dll 0x73950000
Library C:\Windows\system32\rtutils.dll 0x73940000
Library C:\Windows\system32\sensapi.dll 0x6F7E0000
Library C:\Windows\system32\wwanapi.dll 0x6E7D0000
Library C:\Windows\system32\wwapi.dll 0x72DA0000
Library C:\Windows\System32\netprofm.dll 0x6F330000
Library C:\Windows\System32\nlaapi.dll 0x73860000
Library C:\Windows\System32\npmproxy.dll 0x726F0000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\system32\dhcpcsvc.DLL 0x73220000
Library C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 0x6EF20000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\dhcpcsvc6.DLL 0x73160000
Library C:\Windows\system32\rasadhlp.dll 0x6EFE0000
Library C:\Windows\System32\fwpuclnt.dll 0x73460000
Library C:\Windows\System32\msxml6.dll 0x719A0000

Process C:\Windows\system32\svchost.exe(2009-07-13 23:19:28) 4004
Library C:\Windows\system32\svchost.exe 0x00AF0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library c:\windows\system32\bthserv.dll 0x6E1E0000
Library c:\windows\system32\SHFOLDER.dll 0x6E000000
Library C:\Windows\system32\SHELL32.dll 0x75EC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Windows\system32\Wlanapi.dll 0x70340000
Library C:\Windows\system32\wlanutil.dll 0x731A0000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\WINTRUST.dll 0x75770000
Library C:\Windows\system32\CRYPT32.dll 0x75520000
Library C:\Windows\system32\MSASN1.dll 0x75510000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\secur32.dll 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\msv1_0.DLL 0x74EB0000
Library C:\Windows\system32\cryptdll.dll 0x75140000

Process C:\Users\Mirko\Desktop\GMER_2.1.18952.exe(2013-02-19 22:39:33) 4420
Library C:\Users\Mirko\Desktop\GMER_2.1.18952.exe 0x00400000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.DLL 0x72070000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\uxtheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.DLL 0x744C0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\version.dll 0x74950000
Library C:\Windows\system32\OLEAUT32.DLL 0x77120000

Process C:\Program Files\Sony\VAIO Care\VCService.exe(2013-02-13 03:28:44) 4492
Library C:\Program Files\Sony\VAIO Care\VCService.exe 0x00110000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\system32\kernel32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\USERENV.dll 0x74AC0000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\system32\WTSAPI32.dll 0x74960000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.5570_none_51ce1f16bbe3e56e\ATL90.DLL 0x6FAC0000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCR90.dll 0x70820000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\system32\SXS.DLL 0x75430000
Library C:\Windows\system32\WINSTA.dll 0x74B50000
Library C:\Windows\system32\SspiCli.dll 0x753B0000
Library C:\Windows\system32\apphelp.dll 0x753D0000

Process C:\Program Files\Sony\VAIO Care\VCAgent.exe(2013-02-13 03:28:44) 4684
Library C:\Program Files\Sony\VAIO Care\VCAgent.exe 0x000A0000
Library C:\Windows\SYSTEM32\ntdll.dll 0x77310000
Library C:\Windows\SYSTEM32\MSCOREE.DLL 0x702F0000
Library C:\Windows\system32\KERNEL32.dll 0x75A10000
Library C:\Windows\system32\KERNELBASE.dll 0x75640000
Library C:\Windows\system32\ADVAPI32.dll 0x75D80000
Library C:\Windows\system32\msvcrt.dll 0x76DA0000
Library C:\Windows\SYSTEM32\sechost.dll 0x77450000
Library C:\Windows\system32\RPCRT4.dll 0x77490000
Library C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 0x70280000
Library C:\Windows\system32\SHLWAPI.dll 0x75C00000
Library C:\Windows\system32\GDI32.dll 0x75AF0000
Library C:\Windows\system32\USER32.dll 0x75C60000
Library C:\Windows\system32\LPK.dll 0x75800000
Library C:\Windows\system32\USP10.dll 0x75E20000
Library C:\Windows\system32\IMM32.DLL 0x75810000
Library C:\Windows\system32\MSCTF.dll 0x76B10000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 0x6C220000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.5592_none_d09196c24426e2d4\MSVCR80.dll 0x6BB30000
Library C:\Windows\system32\shell32.dll 0x75EC0000
Library C:\Windows\system32\ole32.dll 0x771B0000
Library C:\Windows\system32\profapi.dll 0x754A0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll 0x6A660000
Library C:\Windows\system32\CRYPTBASE.dll 0x75420000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll 0x69F60000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll 0x69760000
Library C:\Program Files\Sony\VAIO Care\KeyUtilities.dll 0x6EF90000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll 0x59770000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll 0x6D530000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll 0x6CE60000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll 0x63BC0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll 0x67EA0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll 0x5C350000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll 0x5C1A0000
Library C:\Windows\assembly\GAC_MSIL\System.Configuration.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Configuration.resources.dll 0x6EFB0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll 0x5BD90000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll 0x5BB40000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll 0x5BA30000
Library C:\Windows\system32\ws2_32.dll 0x75830000
Library C:\Windows\system32\NSI.dll 0x77480000
Library C:\Windows\system32\mswsock.dll 0x74F10000
Library C:\Windows\System32\wshtcpip.dll 0x749F0000
Library C:\Windows\System32\wship6.dll 0x74F00000
Library C:\Windows\system32\DNSAPI.dll 0x74DD0000
Library C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 0x6EF20000
Library C:\Windows\system32\PSAPI.DLL 0x77470000
Library C:\Windows\system32\IPHLPAPI.DLL 0x73600000
Library C:\Windows\system32\WINNSI.DLL 0x735F0000
Library C:\Windows\system32\rasadhlp.dll 0x6EFE0000
Library C:\Windows\System32\fwpuclnt.dll 0x73460000
Library C:\Windows\system32\httpapi.dll 0x6F7F0000
Library C:\Windows\system32\pcwum.dll 0x74A70000
Library C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll 0x674F0000
Library C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll 0x5B9E0000
Library C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.5570_none_4bf8f87ebf99de1f\mfc90u.dll 0x593C0000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCR90.dll 0x70820000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll 0x72070000
Library C:\Windows\system32\MSIMG32.dll 0x736B0000
Library C:\Windows\system32\OLEAUT32.dll 0x77120000
Library C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll 0x5B9B0000
Library C:\Program Files\Sony\VAIO Care\CRM\Logging.dll 0x6E1C0000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\MSVCP90.dll 0x6FA30000
Library C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll 0x63B40000
Library C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll 0x5B980000
Library C:\Windows\system32\POWRPROF.dll 0x74920000
Library C:\Windows\system32\SETUPAPI.dll 0x75870000
Library C:\Windows\system32\CFGMGR32.dll 0x75740000
Library C:\Windows\system32\DEVOBJ.dll 0x75690000
Library C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll 0x63B30000
Library C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll 0x5B940000
Library C:\Windows\system32\WINSPOOL.DRV 0x73C90000
Library C:\Windows\system32\OLEACC.dll 0x73A60000
Library C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll 0x63B00000
Library C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.5570_none_51ce1f16bbe3e56e\ATL90.DLL 0x6FAC0000
Library C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll 0x632C0000
Library C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll 0x5C700000
Library C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll 0x5B920000
Library C:\Windows\system32\WIMGAPI.DLL 0x5B8B0000
Library C:\Windows\system32\VERSION.dll 0x74950000
Library C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll 0x60D00000
Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.5570_none_509463cabcb6ef2a\msvcm90.dll 0x5B860000
Library C:\Windows\system32\UxTheme.dll 0x74230000
Library C:\Windows\system32\dwmapi.dll 0x73F00000
Library C:\Windows\system32\CRYPTSP.dll 0x74F50000
Library C:\Windows\system32\rsaenh.dll 0x74CF0000
Library C:\Windows\system32\security.dll 0x5B850000
Library C:\Windows\system32\SECUR32.DLL 0x75390000
Library C:\Windows\system32\SSPICLI.DLL 0x753B0000
Library C:\Windows\system32\credssp.dll 0x74BB0000
Library C:\Windows\system32\msv1_0.DLL 0x74EB0000
Library C:\Windows\system32\cryptdll.dll 0x75140000
Library C:\Program Files\Sony\VAIO Care\VCUtility.dll 0x6F050000
Library C:\Windows\system32\CLBCatQ.DLL 0x77090000
Library C:\Windows\system32\RpcRtRemote.dll 0x75490000
Library C:\Windows\System32\vds_ps.dll 0x5B7F0000
Library C:\Windows\System32\msxml3.dll 0x6F150000
Library C:\Windows\system32\wbem\wbemprox.dll