
Pests of all kinds and how to combat them: After restart, accidentally confirmed the wssBC9C.tmp prompt, what should I do?

08.06.2013, 21:23   #1
sweeby1982
 

Hello dear team,
two days ago, after starting the computer, I got a User Account Control prompt asking me to run wssAAA.tmp from Perion Network Ltd., which of course I did not do. I noticed that this prompt came back after every restart, and I continued not to confirm it.

When I tried to open my messages on Facebook, my antivirus program (avast! Free Antivirus) raised an alarm. The objects and infections had different names each time. At the same time, the Windows Firewall reported that avast was switched off, even though avast was screaming like mad at every attempt to open the Facebook messages.

I tried everything that was possible for me as a non-expert... virus scanner negative, Anti-Malware negative, so I looked at avast again. There I wanted to update everything manually under Updates. But after a short check it said that the module was damaged, for both the database and the program, so I downloaded avast again, uninstalled it and installed it fresh. After that I could again open the completely harmless messages on Facebook.
But the Perion prompt was still there after a restart...

Today exactly the same thing happened again. Again the firewall reported that avast was switched off, and the Perion prompt came up on the screen. I saw that the name had changed and quickly wrote down wssBC9C.tmp. But when I looked back at the screen, I, idiot that I am, clicked Run!!! The computer kept running for about 1 hour after that, and then the screen went almost completely dark just as I was about to write here. You could only faintly make out the text in the background.
After several attempts to restart the computer, I was able to start the Windows repair tool (I had to force a hard shutdown several times), which at least restored the system for me. Then I had Anti-Malware scan again, and it found 3 infections, which I also had the program remove.

I am not sure now whether all of that was right. I hope I have not forgotten any important information and that one of you can and would like to help me...

Many thanks in advance
Best regards, Sweeby

PS: Right now, as I am about to send this message, the prompt is appearing again with yet another new name. This time it is called wss14F7.tmp!!!
Now I am sure that there is still something nasty on the computer.

08.06.2013, 21:26   #2
markusg
/// Malware-holic
 

Hi, post all Malwarebytes logs with detections.
http://www.trojaner-board.de/125889-...en-posten.html
08.06.2013, 21:51   #3
sweeby1982
 

The quick scan I just ran,
plus the quick scan with the three detections
__________________
Attached files
File type: txt mbam-log-2013-06-08 (22-32-08).txt (2,1 KB, viewed 141 times)
File type: txt MBAM-log-2013-06-08 (21-11-04).txt (2,4 KB, viewed 132 times)

08.06.2013, 22:12   #4
markusg
/// Malware-holic
 

Hi

If you do not already have it, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

08.06.2013, 22:55   #5
sweeby1982
 

Thanks for the quick replies. Unfortunately I do not know how to post the logs in one of those boxes. Because of my earlier research I had already downloaded OTL and run it once, but now on the second run I did not get this Extra log?! Did I do something wrong? I will send the first one along...

Second scan following your instructions, OTL logfile:
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.02.26 18:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008.11.25 14:40:16 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.11.22 04:33:20 | 000,303,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\Network Utility\NSUService.exe -- (NSUService)
SRV - [2008.11.05 18:32:28 | 000,203,624 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008.10.21 10:52:38 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008.10.21 10:52:38 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008.10.21 10:52:36 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008.10.17 19:16:54 | 000,415,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008.10.17 12:28:57 | 000,102,400 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)
SRV - [2008.10.01 18:18:48 | 000,369,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2008.09.19 10:06:22 | 000,083,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008.09.11 19:28:26 | 000,446,464 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2008.09.08 09:59:56 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008.09.08 09:59:54 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008.09.08 09:59:52 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008.08.20 16:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.08.20 16:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.05.20 01:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2008.05.20 01:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2008.05.20 01:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- c:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\aynl.sys -- (jgwlhdkr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013.05.09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.05.09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.05.09 10:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.05.09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.05.09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.05.09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.05.09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.05.09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.10.24 02:06:27 | 000,150,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.10.23 02:02:23 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008.10.23 02:02:02 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008.09.30 02:04:57 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.09.25 02:44:13 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.08.28 23:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008.08.22 17:22:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008.08.22 02:06:22 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008.06.07 02:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008.04.24 14:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2008.01.25 04:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.04.17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Programme\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}
IE - HKLM\..\SearchScopes\{E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7SNYK_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6PQWYvjB0G&i=26
IE - HKCU\..\SearchScopes\{E0775E9E-5DDC-4C12-B58D-79B2B5918CE9}: "URL" = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2013.01.12 17:03:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.06.05 23:01:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013.01.26 16:25:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luzifer\AppData\Roaming\mozilla\Extensions
[2013.01.26 17:16:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luzifer\AppData\Roaming\mozilla\Firefox\Profiles\jjzm6vcr.default\extensions
[2013.06.08 20:57:08 | 000,002,120 | ---- | M] () -- C:\Users\Luzifer\AppData\Roaming\mozilla\firefox\profiles\jjzm6vcr.default\searchplugins\MyStart.xml
[2013.05.24 16:22:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.24 16:22:01 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Programme\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files\DVDVideoSoftTB_DE\prxtbDVDV.dll̀ File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB DE Toolbar) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - C:\Programme\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.102 80.69.100.230
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7565BAE-1A92-4F12-BE98-17C4C25E307B}: DhcpNameServer = 80.69.100.102 80.69.100.230
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Luzifer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Luzifer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.08 18:34:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\jmdp
[2013.06.08 18:34:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\ARFC
[2013.06.08 18:34:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\WNLT
[2013.06.05 23:02:12 | 000,368,944 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.06.05 23:02:12 | 000,049,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013.06.05 23:02:12 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.06.05 23:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.06.05 23:02:11 | 000,056,080 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.06.05 23:02:10 | 000,765,736 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.06.05 23:02:09 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.06.05 23:01:27 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.06.05 23:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.06.02 13:42:16 | 000,000,000 | ---D | C] -- C:\Users\Luzifer\AppData\Roaming\TS3Client
[2013.06.02 13:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013.06.02 13:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2013.05.26 13:26:34 | 000,000,000 | ---D | C] -- C:\Users\Luzifer\AppData\Local\ArcSoft
[2013.05.24 16:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.08 23:17:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.08 23:17:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.08 22:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.08 21:17:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.08 21:17:14 | 3186,663,424 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.08 21:15:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.06.08 20:02:12 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.06.06 18:23:22 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.06 18:23:22 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.06 18:23:22 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.06 18:23:22 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.05 23:02:12 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.06.02 13:41:03 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.05.21 15:28:38 | 000,027,136 | ---- | M] () -- C:\Windows\System32\ImHttpComm.dll
[2013.05.16 09:00:57 | 000,412,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.06.08 20:38:19 | 3186,663,424 | -HS- | C] () -- C:\hiberfil.sys
[2013.06.08 18:34:36 | 000,027,136 | ---- | C] () -- C:\Windows\System32\ImHttpComm.dll
[2013.06.05 23:02:12 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.06.05 23:02:10 | 000,174,664 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.06.05 23:02:09 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.06.02 13:41:03 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2013.01.26 14:36:34 | 000,721,397 | ---- | C] () -- C:\Windows\unins000.exe
[2013.01.26 14:36:34 | 000,068,042 | ---- | C] () -- C:\Windows\unins000.dat
[2013.01.25 18:19:39 | 000,000,001 | R--- | C] () -- C:\Users\Luzifer\serverport
[2012.12.04 18:39:54 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012.11.07 10:10:44 | 000,014,336 | ---- | C] () -- C:\Users\Luzifer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.20 16:20:58 | 000,000,000 | ---- | C] () -- C:\Users\Luzifer\AppData\Roaming\wklnhst.dat
[2012.08.08 16:14:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.08.08 16:14:08 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.08.05 11:39:00 | 000,001,356 | ---- | C] () -- C:\Users\Luzifer\AppData\Local\d3d9caps.dat
[2012.08.05 10:34:53 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2012.08.05 10:25:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2012.08.05 09:36:34 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.08.27 08:16:26 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\Artogon
[2013.01.12 17:03:22 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\DVDVideoSoft
[2013.01.12 17:03:38 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.01.22 16:17:36 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\InterVideo
[2012.12.01 19:06:08 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\OpenCandy
[2012.08.30 15:51:30 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\ScreenSeven
[2012.08.28 12:41:53 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\Settlement. Colossus
[2012.08.31 05:45:14 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\SprillRichiEng
[2013.06.02 16:51:27 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\TS3Client
[2012.12.01 19:06:55 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\TuneUp Software
[2012.08.28 12:36:19 | 000,000,000 | ---D | M] -- C:\Users\Luzifer\AppData\Roaming\VampireSaga
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.08.05 11:42:11 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.08.15 20:03:53 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.08.05 10:34:57 | 000,000,000 | ---D | M] -- C:\Documentation
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.08.05 11:33:47 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.08.05 10:09:40 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2008.01.21 04:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.06.05 23:00:52 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.04.06 15:03:17 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.08.05 11:33:47 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.06.08 23:22:31 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.08.05 11:38:41 | 000,000,000 | R--D | M] -- C:\Users
[2013.06.05 23:01:27 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2006.11.02 11:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006.11.02 11:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006.11.02 11:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006.11.02 11:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.04.11 08:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 15:01:49 | 000,032,578 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.19 12:50:04 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2008.10.17 04:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\IaStor.sys
[2008.10.17 04:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\drivers\iaStor.sys
[2008.10.17 04:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3c4af4a0\iaStor.sys
[2008.10.17 04:16:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_976b5a8f\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
[2008.09.25 02:44:10 | 000,421,888 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
 
< %USERPROFILE%\*.* >
[2013.06.08 23:21:24 | 002,097,152 | -HS- | M] () -- C:\Users\Luzifer\ntuser.dat
[2013.06.08 23:21:24 | 000,262,144 | -H-- | M] () -- C:\Users\Luzifer\ntuser.dat.LOG1
[2012.08.05 11:39:03 | 000,000,000 | -H-- | M] () -- C:\Users\Luzifer\ntuser.dat.LOG2
[2013.06.08 21:15:37 | 000,065,536 | -HS- | M] () -- C:\Users\Luzifer\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2013.06.08 21:15:37 | 000,524,288 | -HS- | M] () -- C:\Users\Luzifer\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2012.08.05 14:01:01 | 000,524,288 | -HS- | M] () -- C:\Users\Luzifer\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2008.01.21 03:42:57 | 000,000,020 | -HS- | M] () -- C:\Users\Luzifer\ntuser.ini
[2013.01.26 00:22:59 | 000,000,001 | R--- | M] () -- C:\Users\Luzifer\serverport
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         
--- --- ---

First scan, Extras file, from before your instructions
OTL Logfile:
Code:
OTL Extras logfile created on: 08.06.2013 19:19:51 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Luzifer\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,97 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 49,36% Memory free
6,13 Gb Paging File | 4,56 Gb Available in Paging File | 74,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 217,86 Gb Total Space | 139,64 Gb Free Space | 64,10% Space Free | Partition Type: NTFS
Drive D: | 70,83 Gb Total Space | 70,65 Gb Free Space | 99,75% Space Free | Partition Type: NTFS
Drive G: | 70,93 Gb Total Space | 59,57 Gb Free Space | 83,98% Space Free | Partition Type: NTFS
 
Computer Name: LUZIFER-PC | User Name: Luzifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1322557523-2006374409-1625639609-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11BB58CC-E14E-436F-BA7F-B75D1C3B9E9B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{16BE3345-E9DC-4718-B9E3-A7883C320D94}" = lport=139 | protocol=6 | dir=in | app=system | 
"{1F0CECBC-7A21-400B-BDCC-455FCC69F064}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{21C1FE20-B052-4ECE-B99F-1DB94CB210EF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{266F0778-5AB6-49D7-8766-3A03C4D8C4D2}" = rport=139 | protocol=6 | dir=out | app=system | 
"{4AFD6186-1BBA-4ACA-87E1-D44225CEA82C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4F6EF5B1-8589-4822-95EE-CAC9FBCA49ED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{529ADDD5-367D-4A2A-89B8-A6C66CA76045}" = lport=138 | protocol=17 | dir=in | app=system | 
"{553FAC7A-8284-49B8-9523-3082515AA207}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{7939121E-70A1-4A41-BA77-DB7EA5A9FCF3}" = lport=137 | protocol=17 | dir=in | app=system | 
"{878C590F-BF1C-40F3-92F7-7A0A6197E685}" = rport=138 | protocol=17 | dir=out | app=system | 
"{8E47A0A1-0DF4-4587-8461-491DDA2E83BB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{900A59C0-1CC4-49FB-B987-612A38F99D23}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9238B44F-B087-4B1D-91C2-7860DE153F3F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{9552AE6D-A591-4562-A09E-B9834AC17C1B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A6BC3AD4-6ACE-48E2-8AB7-DAA23C1C55B6}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B811DD6B-1994-4330-8527-115716F30431}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C8048B9E-1955-4893-8EE9-5AA31A99CE6E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{D8312AAB-CC4B-4338-AB80-C5C4A4A64668}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{064380B3-9A59-4BDF-93C4-ADA64BC3F198}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{13E831AF-F860-4961-936D-0B824A1E6E89}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{2853E22D-F23D-49F7-B553-061F2A76F983}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{39CDD2B8-7572-43BD-BFBD-623DF39CB946}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{3CBB65AE-DFEB-43A7-AC71-AE0137D6966E}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{3E57570F-B7E6-48B7-BB4C-89601F00B43A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{43ECF99D-F702-4A03-B970-1EECC9E57271}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{48B9F099-20F0-4688-8C28-67E0B5A96B70}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{4A3255F4-0056-4D1E-B3C5-11AE48E1FA69}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{4C613E03-9FF0-465E-834F-A668782B8AA6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{67D0FC26-6C07-4B9D-9112-18BCE5FF1C7D}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{71DA052F-FA6D-445C-9D98-E5ABF9ED645A}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{8FBE1AD2-3E56-44F7-8CA4-E549495F595E}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{908C4F3E-1EBC-4AED-B77E-A23A93461F1F}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{934EEDA2-78D2-4078-8B0F-1812739C76B2}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{94ACB65F-B338-4949-9CC1-6418A59D648E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{994BF859-FA90-4517-ADAE-F16AABC09560}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{A43DE983-5726-4D59-844D-5385E421F606}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A47F399B-28F9-4AF0-AA94-D6B168CEAC08}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{CB8A933B-1A6F-4158-93B5-4892BF277BCE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{D5A86384-1294-496E-966B-169D98D015DA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{D6D5EF51-4540-46F6-843C-ED90642ECF21}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{E5004AF1-4513-4109-B056-AE8273E6ACE5}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | 
"{FA6B13DC-66E5-47DF-822E-BC59F54164C4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FB3E8ACF-77F1-4DD2-A299-446C95AE107E}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | 
"{FCFFFE9C-A218-4CE4-9545-A96DED0774ED}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"TCP Query User{54A6C59D-A593-444F-8E5E-F70D9EB9D207}C:\users\luzifer\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=6 | dir=in | app=c:\users\luzifer\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light | 
"TCP Query User{6E7D4B6C-701B-499E-941D-5CFBE7A97C13}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | 
"UDP Query User{DE619FF4-8963-42ED-9584-8C0866BF1CBF}C:\users\luzifer\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light" = protocol=17 | dir=in | app=c:\users\luzifer\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light | 
"UDP Query User{F118C519-5B1B-4EDC-9773-74F1E70531BB}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{018F8F57-B46B-B9B9-C452-DE8F5618434F}" = Catalyst Control Center Graphics Full Existing
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07C93E59-2DE3-1565-28A9-8C848B26D0F5}" = CCC Help German
"{088C7311-A3BB-43C5-B046-C114D2F9728C}" = VAIO Media plus
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0A6F9244-8C79-1296-3A43-097F67EB666A}" = Catalyst Control Center Localization Dutch
"{0E3C2706-59A3-426E-A0EA-65BFF05048C7}" = VAIO Content Metadata Intelligent Analyzing Manager
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1790FDA2-938F-C886-8988-1ECB74E45517}" = Catalyst Control Center Localization Norwegian
"{1C815731-19F3-0770-8776-D78D6BEBC291}" = Catalyst Control Center Localization Hungarian
"{1EC06E70-BE43-DAAA-A217-E5C98869B1F8}" = Catalyst Control Center Localization Greek
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Unterstützung für VAIO-Präsentation
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{252E50FD-F27C-C8DD-C9E2-D2845A2DC399}" = ATI Catalyst Install Manager
"{25BA8D5A-228A-7192-6FA1-890D9F1C679F}" = CCC Help Korean
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{327B75F0-92AF-420A-988F-FA596A218E0B}" = VAIO Content Folder Watcher
"{36557787-E9BE-40E0-8627-C6C3486FF1CF}" = VAIO Content Metadata Intelligent Analyzing Manager
"{36BDB1C2-CC66-41EB-B7DD-76339A7BB046}" = VAIO Edit Components
"{3B311FB9-5B6A-328C-D7AE-2445D639D886}" = CCC Help Norwegian
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D333C7C-102B-F474-9524-72AAA3F292B8}" = Catalyst Control Center Localization Danish
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{4529BC6B-16AE-6829-4946-36C33DBF8DD1}" = Catalyst Control Center Localization French
"{46D7A7FB-305B-F77D-60F8-8FAE1C432374}" = Catalyst Control Center InstallProxy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{527EB2A4-BF51-B1B6-3F09-2032A861548E}" = Catalyst Control Center Graphics Light
"{52A7C6A6-6B88-47D1-922E-9F8A7E089E6A}" = Intel(R) PROSet/Wireless WiFi-Software
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{55AF809F-BD6D-45AF-A2C2-833308FA432A}" = VAIO Content Metadata XML Interface Library
"{55C0F7C1-8B6D-CBBD-2B88-EE7261A87254}" = CCC Help Greek
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" = 
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{629FD96D-5877-0832-2D31-0EFE781F870D}" = CCC Help Portuguese
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{652C5DED-9B9F-93D0-5E94-931B8C38EF0E}" = Catalyst Control Center Localization Thai
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69C8B1E3-2665-4A0F-B049-67746E5C4CE3}" = Software Info for Me&My VAIO
"{6A54CB6A-59D1-6A3A-08F3-E34ECF8905A9}" = Catalyst Control Center Graphics Previews Vista
"{6AA6EEA5-BF09-932B-AC25-0E9CCA4B709A}" = CCC Help Danish
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6C4EF0CA-A9DD-96CF-B722-CCDEB589DD26}" = Catalyst Control Center Localization Chinese Traditional
"{6D4673B7-A982-43E5-82E9-13E037681478}" = Click to Disc
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{711D43D7-24FE-A2B7-CC52-A48BCAAF3926}" = Catalyst Control Center Graphics Previews Common
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73496381-83C9-7BE6-6EB6-4CF97C00E5FD}" = CCC Help Polish
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{75F52FAC-16CE-4A2A-B89A-9742F39A1864}" = VAIO Movie Story
"{76D7CCD6-8369-405C-B494-5F34FAE67249}" = Me&My VAIO
"{79BBD55C-9FF6-D496-8AE6-E2EC2829F974}" = Catalyst Control Center Localization Czech
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7CC28423-465C-F4B9-9379-343DF715BE62}" = CCC Help Swedish
"{80828DF5-270E-F8E6-6274-55ACA4C7E229}" = Catalyst Control Center Localization Japanese
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{84037798-D63A-F5CA-9FB2-829B362BF712}" = CCC Help Finnish
"{8470A1D9-536E-C7C1-AE2D-24B739B1665A}" = Catalyst Control Center Localization Russian
"{882683C6-8B60-5CBC-38A8-55ED185FD975}" = CCC Help Turkish
"{8843C5E1-51E5-DFA6-1AD8-757C8DCA7E37}" = CCC Help Russian
"{88C596E4-6882-8E76-EBEF-AB739F5A3B69}" = Catalyst Control Center Localization Italian
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C467DE1-6E04-0888-B281-172909C96F37}" = Skins
"{8C7FB08D-7A84-22E0-F553-F6B827023E17}" = CCC Help Chinese Traditional
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91F2D688-B8CB-4461-A92D-6B35279DAE8F}" = VAIO Content Folder Watcher
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{93F32124-BB54-C599-CF55-E1E57565BCE3}" = CCC Help Czech
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96C951BB-47C8-8497-78F0-7D8D328B58E3}" = Catalyst Control Center Localization Portuguese
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = 
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{99D8CD4E-A5D2-A9DF-A152-B28EB5A71F85}" = Catalyst Control Center Localization German
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A2052C95-48CC-4AC9-A8D4-FCD89DDD8F2C}" = VAIO Content Folder Watcher
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A939F952-1C7E-CBF8-EE77-CFBD9C6A4ECC}" = ccc-core-static
"{AA75988E-9EC1-EECE-CE00-D5D935974528}" = CCC Help Dutch
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat  9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat  9 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{ACB5FD4A-6C58-972C-180C-9677C037E71D}" = Catalyst Control Center Localization Chinese Standard
"{ADBDB038-FF77-C672-04A1-7A0E67E8C73C}" = Catalyst Control Center Core Implementation
"{ADECE95F-585D-8B33-BF50-53C2BDA1E241}" = Catalyst Control Center Localization Korean
"{AE0FBCB5-3193-4583-C6CB-AA96F307EA70}" = ccc-utility
"{AFF10119-F154-4888-77F3-B149DE987976}" = Catalyst Control Center Localization Polish
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.5
"{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C767EE67-9AA4-1CBF-8FD4-87F52CBB041D}" = CCC Help Italian
"{C8E57F8C-64FE-28D7-0F65-7BE87AF49745}" = Catalyst Control Center Graphics Full New
"{CAE07D54-A400-DAF9-912B-306DD941B61C}" = Catalyst Control Center Localization Finnish
"{CB6CF566-E06F-2556-55EF-EE149FC6EE7F}" = CCC Help French
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center
"{D355ECA7-DBF5-F22E-4E1A-BF69CFC5CED8}" = CCC Help Japanese
"{D44DF260-2D5A-3277-97D6-C97D1A806CF5}" = CCC Help Thai
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D5FBA9C1-21D3-4210-A604-CF9E38238F35}" = VAIO Entertainment Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D7019E24-BF07-3690-18C7-3D0DE87D09AB}" = CCC Help Chinese Standard
"{D7FFE7EB-1A15-864C-B335-E768BF623B84}" = Catalyst Control Center Localization Swedish
"{DE1F799A-0A02-FF3B-8786-195E91D0DE94}" = CCC Help Spanish
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E31010F6-DE18-0E9F-E028-FC709306C6F1}" = Catalyst Control Center Localization Turkish
"{E3453B1B-C91B-4C48-B046-8DF635DD46F2}" = VAIO Content Metadata XML Interface Library
"{E464702F-5433-46EC-8F65-159276C0A54F}" = WIDCOMM Bluetooth Software 6.2.0.5800
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5BD6683-301D-B224-FB7C-320299CD51F9}" = CCC Help Hungarian
"{E9730C7A-E5DA-8222-45FE-2D71E810BE46}" = Catalyst Control Center Localization Spanish
"{EA39F1F5-D4A1-C02A-0865-7F6A95A33A56}" = CCC Help English
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EADE97A7-E7AA-43FD-A042-92A68E0187A6}" = VAIO Content Metadata Manager Setting
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{ECB5774A-A39B-4419-A7D3-92F49C0FCAB3}" = VAIO Content Metadata Intelligent Analyzing Manager
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EDF6A69E-967B-4F17-B537-647CA205EC1D}" = VAIO Content Metadata Manager Setting
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2D7A126-9648-4588-9C3E-7C1E7FD22C23}" = SonicStage Mastering Studio
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"avast" = avast! Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Converter_is1" = Converter version 0.1
"dt icon module" = 
"DVDVideoSoftTB_DE Toolbar" = DVDVideoSoftTB DE Toolbar
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Free YouTube Download_is1" = Free YouTube Download version 3.1.42.1212
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.36.1201
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.5.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MarketingTools" = VAIO Marketing Tools
"MFU Module" = 
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa2" = Picasa 2
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"ProInst" = Intel PROSet Wireless
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VAIO Help and Support" = 
"VLC media player" = VLC media player 2.0.5
"WNLT" = IB Updater Service
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1322557523-2006374409-1625639609-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RYL2NORTHPOLE" = RYL2NORTHPOLE
"RYL2NORTHPOLE v2025" = RYL2NORTHPOLE v2025
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.05.2013 11:14:47 | Computer Name = Luzifer-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 14.05.2013 11:14:49 | Computer Name = Luzifer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.05.2013 00:48:51 | Computer Name = Luzifer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.05.2013 00:48:52 | Computer Name = Luzifer-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
Error - 15.05.2013 00:52:14 | Computer Name = Luzifer-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.05.2013 00:52:14 | Computer Name = Luzifer-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.05.2013 00:52:14 | Computer Name = Luzifer-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.05.2013 00:52:14 | Computer Name = Luzifer-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 15.05.2013 10:48:22 | Computer Name = Luzifer-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.05.2013 10:48:22 | Computer Name = Luzifer-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
 (Fehlercode = 0x80042019)
 
[ System Events ]
Error - 06.06.2013 00:32:13 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 06.06.2013 00:32:13 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 06.06.2013 12:17:11 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 06.06.2013 12:17:11 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 07.06.2013 05:10:29 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.06.2013 05:10:29 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 07.06.2013 07:57:39 | Computer Name = Luzifer-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 08.06.2013 12:29:55 | Computer Name = Luzifer-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 07.06.2013 um 20:28:17 unerwartet heruntergefahren.
 
Error - 08.06.2013 12:30:41 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 08.06.2013 12:30:41 | Computer Name = Luzifer-PC | Source = Service Control Manager | ID = 7026
Description = 
 
 
< End of report >
         
--- --- ---


If someone tells me how to create a new Extras file, I'll of course do that too......

Hi markusg,
sorry, I don't want to rush you, I'm on the late shift next week and hardly dare to go near the computer to do anything, since I don't know what I've got on the machine.
Eagerly waiting for further instructions


09.06.2013, 18:26   #6
markusg
/// Malware-holic



Hi,
that's normal.
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

09.06.2013, 19:58   #7
sweeby1982



ok, here is the TDSS log
20:28:40.0111 1464 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:28:40.0228 1464 ============================================================
20:28:40.0228 1464 Current date / time: 2013/06/09 20:28:40.0228
20:28:40.0228 1464 SystemInfo:
20:28:40.0228 1464
20:28:40.0228 1464 OS Version: 6.0.6002 ServicePack: 2.0
20:28:40.0228 1464 Product type: Workstation
20:28:40.0228 1464 ComputerName: LUZIFER-PC
20:28:40.0228 1464 UserName: Luzifer
20:28:40.0228 1464 Windows directory: C:\Windows
20:28:40.0228 1464 System windows directory: C:\Windows
20:28:40.0228 1464 Processor architecture: Intel x86
20:28:40.0228 1464 Number of processors: 2
20:28:40.0228 1464 Page size: 0x1000
20:28:40.0229 1464 Boot type: Normal boot
20:28:40.0229 1464 ============================================================
20:28:40.0948 1464 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:28:40.0961 1464 ============================================================
20:28:40.0961 1464 \Device\Harddisk0\DR0:
20:28:40.0961 1464 MBR partitions:
20:28:40.0962 1464 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x19FB800, BlocksNum 0x1B3B77F8
20:28:40.0962 1464 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1CDB3000, BlocksNum 0x8DDDFF8
20:28:40.0992 1464 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x25B91800, BlocksNum 0x8DA7000
20:28:40.0992 1464 ============================================================
20:28:41.0050 1464 C: <-> \Device\Harddisk0\DR0\Partition1
20:28:41.0093 1464 D: <-> \Device\Harddisk0\DR0\Partition3
20:28:41.0142 1464 G: <-> \Device\Harddisk0\DR0\Partition2
20:28:41.0143 1464 ============================================================
20:28:41.0143 1464 Initialize success
20:28:41.0143 1464 ============================================================
20:51:46.0396 3544 ============================================================
20:51:46.0396 3544 Scan started
20:51:46.0396 3544 Mode: Manual; SigCheck; TDLFS;
20:51:46.0396 3544 ============================================================
20:51:47.0176 3544 ================ Scan system memory ========================
20:51:47.0176 3544 System memory - ok
20:51:47.0176 3544 ================ Scan services =============================
20:51:47.0878 3544 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:51:48.0112 3544 ACDaemon - ok
20:51:48.0845 3544 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
20:51:48.0923 3544 ACPI - ok
20:51:49.0079 3544 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 c:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
20:51:49.0126 3544 AdobeActiveFileMonitor6.0 - ok
20:51:49.0251 3544 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:51:49.0313 3544 AdobeARMservice - ok
20:51:49.0438 3544 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:51:49.0500 3544 AdobeFlashPlayerUpdateSvc - ok
20:51:49.0563 3544 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:51:49.0641 3544 adp94xx - ok
20:51:49.0703 3544 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:51:49.0765 3544 adpahci - ok
20:51:49.0812 3544 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
20:51:49.0875 3544 adpu160m - ok
20:51:49.0906 3544 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:51:49.0953 3544 adpu320 - ok
20:51:49.0984 3544 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:51:50.0077 3544 AeLookupSvc - ok
20:51:50.0140 3544 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
20:51:50.0249 3544 AFD - ok
20:51:50.0296 3544 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:51:50.0327 3544 agp440 - ok
20:51:50.0374 3544 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:51:50.0389 3544 aic78xx - ok
20:51:50.0421 3544 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
20:51:50.0467 3544 ALG - ok
20:51:50.0499 3544 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
20:51:50.0530 3544 aliide - ok
20:51:50.0545 3544 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:51:50.0561 3544 amdagp - ok
20:51:50.0577 3544 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
20:51:50.0608 3544 amdide - ok
20:51:50.0623 3544 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
20:51:50.0686 3544 AmdK7 - ok
20:51:50.0701 3544 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:51:50.0779 3544 AmdK8 - ok
20:51:50.0842 3544 [ 9325E49D555D8F12CE1735227DBB3D80 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
20:51:50.0857 3544 ApfiltrService - ok
20:51:50.0904 3544 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
20:51:50.0982 3544 Appinfo - ok
20:51:51.0013 3544 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
20:51:51.0029 3544 arc - ok
20:51:51.0076 3544 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:51:51.0107 3544 arcsas - ok
20:51:51.0138 3544 [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
20:51:51.0169 3544 ArcSoftKsUFilter - ok
20:51:51.0201 3544 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
20:51:51.0232 3544 aswFsBlk - ok
20:51:51.0294 3544 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:51:51.0310 3544 aswMonFlt - ok
20:51:51.0325 3544 [ 7B43265F92257A21CBFD88E7A651044C ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
20:51:51.0341 3544 AswRdr - ok
20:51:51.0357 3544 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
20:51:51.0388 3544 aswRvrt - ok
20:51:51.0419 3544 [ 6CAB0A5991C5C0FC63F5E66593E71D7E ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:51:51.0481 3544 aswSnx - ok
20:51:51.0528 3544 [ 99102F60F344BEBAF4F6114514FD28D3 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:51:51.0591 3544 aswSP - ok
20:51:51.0622 3544 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
20:51:51.0637 3544 aswTdi - ok
20:51:51.0653 3544 [ 16B8E3CD50A460EC32CA680C8210A0A9 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
20:51:51.0669 3544 aswVmm - ok
20:51:51.0700 3544 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:51:51.0762 3544 AsyncMac - ok
20:51:51.0793 3544 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
20:51:51.0809 3544 atapi - ok
20:51:51.0887 3544 [ 6455100A6CDB1DEDC551E12FD41BC519 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
20:51:51.0996 3544 Ati External Event Utility - ok
20:51:52.0480 3544 [ 9F66D1BA97911731133E46212539A08D ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:51:52.0761 3544 atikmdag - ok
20:51:52.0823 3544 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:51:52.0917 3544 AudioEndpointBuilder - ok
20:51:52.0948 3544 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:51:52.0995 3544 Audiosrv - ok
20:51:53.0057 3544 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:51:53.0073 3544 avast! Antivirus - ok
20:51:53.0135 3544 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
20:51:53.0229 3544 Beep - ok
20:51:53.0291 3544 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
20:51:53.0400 3544 BFE - ok
20:51:53.0587 3544 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
20:51:53.0743 3544 BITS - ok
20:51:53.0775 3544 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:51:53.0837 3544 blbdrive - ok
20:51:53.0899 3544 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:51:53.0977 3544 bowser - ok
20:51:54.0024 3544 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
20:51:54.0087 3544 BrFiltLo - ok
20:51:54.0102 3544 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
20:51:54.0180 3544 BrFiltUp - ok
20:51:54.0243 3544 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
20:51:54.0367 3544 Browser - ok
20:51:54.0882 3544 [ 013A330F16B1CECBDE5CB6F921689523 ] BrowserDefendert C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
20:51:55.0038 3544 BrowserDefendert - ok
20:51:55.0069 3544 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
20:51:55.0132 3544 Brserid - ok
20:51:55.0163 3544 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
20:51:55.0319 3544 BrSerWdm - ok
20:51:55.0335 3544 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
20:51:55.0428 3544 BrUsbMdm - ok
20:51:55.0444 3544 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
20:51:55.0506 3544 BrUsbSer - ok
20:51:55.0537 3544 [ CCE53AFC28347CC18EA139972E5B5E5A ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
20:51:55.0600 3544 BthEnum - ok
20:51:55.0631 3544 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:51:55.0725 3544 BTHMODEM - ok
20:51:55.0756 3544 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:51:55.0818 3544 BthPan - ok
20:51:55.0881 3544 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
20:51:55.0990 3544 BTHPORT - ok
20:51:56.0052 3544 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
20:51:56.0115 3544 BthServ - ok
20:51:56.0146 3544 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
20:51:56.0224 3544 BTHUSB - ok
20:51:56.0271 3544 [ 14164C0CFD9D5A2704FDAB93A9688630 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
20:51:56.0302 3544 btwaudio - ok
20:51:56.0333 3544 [ 94DC6E5F3F532C5054F078D845714129 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
20:51:56.0349 3544 btwavdt - ok
20:51:56.0489 3544 [ C832A3622A35CA7C595EA8CA385BA813 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
20:51:56.0536 3544 btwdins - ok
20:51:56.0583 3544 [ B9920FB30BCAFF10C111654909B275C9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
20:51:56.0598 3544 btwl2cap - ok
20:51:56.0614 3544 [ 61E29BA977B972C9BAA847CC11D48C3D ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
20:51:56.0645 3544 btwrchid - ok
20:51:56.0692 3544 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:51:56.0770 3544 cdfs - ok
20:51:56.0801 3544 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:51:56.0863 3544 cdrom - ok
20:51:56.0941 3544 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
20:51:57.0035 3544 CertPropSvc - ok
20:51:57.0051 3544 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
20:51:57.0097 3544 circlass - ok
20:51:57.0160 3544 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
20:51:57.0207 3544 CLFS - ok
20:51:57.0456 3544 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:51:57.0519 3544 clr_optimization_v2.0.50727_32 - ok
20:51:57.0597 3544 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:51:57.0643 3544 clr_optimization_v4.0.30319_32 - ok
20:51:57.0690 3544 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:51:57.0784 3544 CmBatt - ok
20:51:57.0815 3544 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:51:57.0862 3544 cmdide - ok
20:52:31.0043 3544 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
20:52:31.0074 3544 Themes - ok
20:52:31.0090 3544 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
20:52:31.0137 3544 THREADORDER - ok
20:52:31.0183 3544 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
20:52:31.0277 3544 TrkWks - ok
20:52:31.0355 3544 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:52:31.0464 3544 TrustedInstaller - ok
20:52:31.0511 3544 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:52:31.0620 3544 tssecsrv - ok
20:52:31.0667 3544 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:52:31.0698 3544 tunmp - ok
20:52:31.0776 3544 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:52:31.0823 3544 tunnel - ok
20:52:31.0854 3544 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:52:31.0901 3544 uagp35 - ok
20:52:31.0932 3544 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
20:52:31.0963 3544 uCamMonitor - ok
20:52:32.0026 3544 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:52:32.0104 3544 udfs - ok
20:52:32.0151 3544 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:52:32.0197 3544 UI0Detect - ok
20:52:32.0197 3544 UIUSys - ok
20:52:32.0229 3544 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:52:32.0260 3544 uliagpkx - ok
20:52:32.0307 3544 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:52:32.0353 3544 uliahci - ok
20:52:32.0385 3544 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:52:32.0416 3544 UlSata - ok
20:52:32.0447 3544 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:52:32.0478 3544 ulsata2 - ok
20:52:32.0494 3544 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:52:32.0525 3544 umbus - ok
20:52:32.0587 3544 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
20:52:32.0665 3544 upnphost - ok
20:52:32.0728 3544 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:52:32.0775 3544 usbccgp - ok
20:52:32.0806 3544 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:52:32.0899 3544 usbcir - ok
20:52:32.0931 3544 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:52:32.0977 3544 usbehci - ok
20:52:33.0024 3544 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:52:33.0071 3544 usbhub - ok
20:52:33.0102 3544 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:52:33.0196 3544 usbohci - ok
20:52:33.0243 3544 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:52:33.0289 3544 usbprint - ok
20:52:33.0336 3544 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:52:33.0383 3544 USBSTOR - ok
20:52:33.0399 3544 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:52:33.0477 3544 usbuhci - ok
20:52:33.0539 3544 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:52:33.0586 3544 usbvideo - ok
20:52:33.0617 3544 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
20:52:33.0679 3544 UxSms - ok
20:52:33.0804 3544 [ 2A640DC735CB0112AC1DCD1E1549B27E ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
20:52:33.0820 3544 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
20:52:33.0820 3544 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
20:52:33.0882 3544 [ 2C3DBB9B671AB95245DED1EFC5276CE9 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe
20:52:33.0898 3544 VAIO Event Service - ok
20:52:33.0976 3544 [ C1ED0F71D3B9EA8D774FC7C4CBF7EE7F ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
20:52:34.0023 3544 VAIO Power Management - ok
20:52:34.0179 3544 [ 7773EB681E99217FD92E5E8A5A199AE5 ] VCFw C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
20:52:34.0210 3544 VCFw ( UnsignedFile.Multi.Generic ) - warning
20:52:34.0210 3544 VCFw - detected UnsignedFile.Multi.Generic (1)
20:52:34.0366 3544 [ 2686B87EDC54ED215CE479AC9B7675DE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
20:52:34.0475 3544 VcmIAlzMgr - ok
20:52:34.0553 3544 [ BB5781ED436D3E121F85617C3BBB7AD5 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
20:52:34.0600 3544 VcmXmlIfHelper - ok
20:52:34.0600 3544 Vcsw - ok
20:52:34.0740 3544 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
20:52:34.0881 3544 vds - ok
20:52:34.0943 3544 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:52:35.0005 3544 vga - ok
20:52:35.0021 3544 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
20:52:35.0083 3544 VgaSave - ok
20:52:35.0115 3544 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:52:35.0146 3544 viaagp - ok
20:52:35.0177 3544 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:52:35.0208 3544 ViaC7 - ok
20:52:35.0224 3544 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
20:52:35.0271 3544 viaide - ok
20:52:35.0317 3544 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:52:35.0364 3544 volmgr - ok
20:52:35.0395 3544 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:52:35.0442 3544 volmgrx - ok
20:52:35.0489 3544 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:52:35.0520 3544 volsnap - ok
20:52:35.0598 3544 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:52:35.0645 3544 vsmraid - ok
20:52:35.0832 3544 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
20:52:35.0988 3544 VSS - ok
20:52:36.0129 3544 [ 071634532066C2E29350D450C3412837 ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
20:52:36.0175 3544 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
20:52:36.0175 3544 VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
20:52:36.0238 3544 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
20:52:36.0331 3544 W32Time - ok
20:52:36.0363 3544 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:52:36.0472 3544 WacomPen - ok
20:52:36.0503 3544 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:52:36.0550 3544 Wanarp - ok
20:52:36.0565 3544 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:52:36.0597 3544 Wanarpv6 - ok
20:52:36.0628 3544 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:52:36.0690 3544 wcncsvc - ok
20:52:36.0721 3544 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:52:36.0768 3544 WcsPlugInService - ok
20:52:36.0799 3544 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
20:52:36.0831 3544 Wd - ok
20:52:36.0877 3544 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:52:36.0940 3544 Wdf01000 - ok
20:52:36.0955 3544 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:52:37.0002 3544 WdiServiceHost - ok
20:52:37.0002 3544 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:52:37.0049 3544 WdiSystemHost - ok
20:52:37.0143 3544 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
20:52:37.0205 3544 WebClient - ok
20:52:37.0252 3544 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:52:37.0299 3544 Wecsvc - ok
20:52:37.0345 3544 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:52:37.0392 3544 wercplsupport - ok
20:52:37.0439 3544 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
20:52:37.0501 3544 WerSvc - ok
20:52:37.0564 3544 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
20:52:37.0579 3544 WimFltr - ok
20:52:37.0611 3544 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:52:37.0720 3544 winachsf - ok
20:52:37.0813 3544 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:52:37.0876 3544 WinDefend - ok
20:52:37.0891 3544 WinHttpAutoProxySvc - ok
20:52:38.0125 3544 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:52:38.0203 3544 Winmgmt - ok
20:52:38.0328 3544 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
20:52:38.0515 3544 WinRM - ok
20:52:38.0656 3544 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:52:38.0796 3544 Wlansvc - ok
20:52:38.0890 3544 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:52:38.0983 3544 WmiAcpi - ok
20:52:39.0108 3544 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:52:39.0171 3544 wmiApSrv - ok
20:52:39.0358 3544 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:52:39.0483 3544 WMPNetworkSvc - ok
20:52:39.0514 3544 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:52:39.0576 3544 WPCSvc - ok
20:52:39.0607 3544 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:52:39.0670 3544 WPDBusEnum - ok
20:52:39.0966 3544 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:52:40.0075 3544 WPFFontCache_v0400 - ok
20:52:40.0091 3544 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:52:40.0169 3544 ws2ifsl - ok
20:52:40.0231 3544 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
20:52:40.0309 3544 wscsvc - ok
20:52:40.0309 3544 WSearch - ok
20:52:40.0684 3544 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:52:40.0918 3544 wuauserv - ok
20:52:40.0996 3544 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:52:41.0074 3544 WudfPf - ok
20:52:41.0121 3544 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:52:41.0199 3544 WUDFRd - ok
20:52:41.0245 3544 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:52:41.0308 3544 wudfsvc - ok
20:52:41.0339 3544 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
20:52:41.0401 3544 XAudio - ok
20:52:41.0479 3544 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
20:52:41.0542 3544 XAudioService - ok
20:52:41.0651 3544 [ 67E3D2AF24C3873E6A0CAC89DE78D63B ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
20:52:41.0682 3544 yukonwlh - ok
20:52:41.0698 3544 ================ Scan global ===============================
20:52:41.0713 3544 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:52:41.0807 3544 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
20:52:41.0869 3544 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
20:52:41.0932 3544 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:52:41.0947 3544 [Global] - ok
20:52:41.0947 3544 ================ Scan MBR ==================================
20:52:41.0979 3544 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:52:46.0269 3544 \Device\Harddisk0\DR0 - ok
20:52:46.0269 3544 ================ Scan VBR ==================================
20:52:46.0269 3544 [ 05983EBA6E120252BAF6617A72B6C471 ] \Device\Harddisk0\DR0\Partition1
20:52:46.0300 3544 \Device\Harddisk0\DR0\Partition1 - ok
20:52:46.0331 3544 [ 076E19422DD4F5480C60066F52935400 ] \Device\Harddisk0\DR0\Partition2
20:52:46.0378 3544 \Device\Harddisk0\DR0\Partition2 - ok
20:52:46.0409 3544 [ BA55BC1DBECF9AB5BF8DED9133A84AE2 ] \Device\Harddisk0\DR0\Partition3
20:52:46.0456 3544 \Device\Harddisk0\DR0\Partition3 - ok
20:52:46.0456 3544 ============================================================
20:52:46.0456 3544 Scan finished
20:52:46.0456 3544 ============================================================
20:52:46.0487 1508 Detected object count: 11
20:52:46.0487 1508 Actual detected object count: 11
20:53:26.0751 1508 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0751 1508 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:26.0751 1508 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0751 1508 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:26.0766 1508 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0766 1508 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:26.0766 1508 NSUService ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0766 1508 NSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:26.0766 1508 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0766 1508 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:26.0766 1508 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0766 1508 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:26.0766 1508 RtkAudioService ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0766 1508 RtkAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:26.0766 1508 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0766 1508 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:26.0766 1508 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0766 1508 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:26.0766 1508 VCFw ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0766 1508 VCFw ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:53:26.0782 1508 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:53:26.0782 1508 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

09.06.2013, 20:01   #8
markusg
/// Malware-holic

Hi,
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails, following the instructions above, to
markusg.trojaner-board@web.de

09.06.2013, 20:13   #9
sweeby1982

ok, before I do that in a moment, I have one or two questions....

ONLY disable the antivirus program, NOT uninstall it? Right?
Do I also have to shut down Malwarebytes somehow?

And how do I do the code tags? I read about it somewhere yesterday, but I really can't find it right now, not even with the search function.
Sorry.....

09.06.2013, 20:15   #10
markusg
/// Malware-holic

1. only disable it.
2. you don't have to.
3.

Code:
ATTFilter
         
or you simply paste the logs in.

09.06.2013, 20:56   #11
sweeby1982

here is the Combofix log


Combofix Logfile:
Code:
ATTFilter
ComboFix 13-06-08.02 - Luzifer 09.06.2013  21:40:47.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3038.1639 [GMT 2:00]
ausgeführt von:: c:\users\Luzifer\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Public\sdelevURL.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-09 bis 2013-06-09  ))))))))))))))))))))))))))))))
.
.
2013-06-09 19:48 . 2013-06-09 19:48	--------	d-----w-	c:\users\Luzifer\AppData\Local\temp
2013-06-09 19:48 . 2013-06-09 19:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-09 18:10 . 2013-06-09 18:10	--------	d-----w-	c:\programdata\BrowserDefender
2013-06-09 18:09 . 2013-06-09 18:09	--------	d-----w-	c:\programdata\Babylon
2013-06-09 18:09 . 2013-06-09 18:09	--------	d-----w-	c:\users\Luzifer\AppData\Roaming\Babylon
2013-06-08 16:34 . 2013-06-08 16:34	--------	d-----w-	c:\windows\system32\jmdp
2013-06-08 16:34 . 2013-06-08 16:34	--------	d-----w-	c:\windows\system32\ARFC
2013-06-08 16:34 . 2013-05-21 13:28	27136	----a-w-	c:\windows\system32\ImHttpComm.dll
2013-06-08 16:34 . 2013-06-08 18:34	--------	d-----w-	c:\windows\system32\WNLT
2013-06-07 09:36 . 2013-06-09 15:46	60872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3605FF7-5E0D-4F1C-A8BD-AEC32DC9DEF2}\offreg.dll
2013-06-07 09:18 . 2013-05-13 06:19	7016152	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3605FF7-5E0D-4F1C-A8BD-AEC32DC9DEF2}\mpengine.dll
2013-06-05 21:02 . 2013-05-09 08:59	368944	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-06-05 21:02 . 2013-05-09 08:59	49760	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2013-06-05 21:02 . 2013-05-09 08:59	29816	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-06-05 21:02 . 2013-05-09 08:59	56080	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-06-05 21:02 . 2013-05-09 08:59	765736	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-06-05 21:02 . 2013-05-09 08:59	174664	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-06-05 21:02 . 2013-05-09 08:59	49376	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-06-05 21:02 . 2013-05-09 08:59	66336	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-06-05 21:01 . 2013-05-09 08:58	41664	----a-w-	c:\windows\avastSS.scr
2013-06-05 21:00 . 2013-06-05 21:00	--------	d-----w-	c:\program files\AVAST Software
2013-06-02 11:42 . 2013-06-02 14:51	--------	d-----w-	c:\users\Luzifer\AppData\Roaming\TS3Client
2013-06-02 11:40 . 2013-06-02 11:41	--------	d-----w-	c:\program files\TeamSpeak 3 Client
2013-05-26 11:26 . 2013-05-26 11:26	--------	d-----w-	c:\users\Luzifer\AppData\Local\ArcSoft
2013-05-15 15:06 . 2013-05-05 19:12	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2013-05-15 14:56 . 2013-04-04 22:47	149632	----a-w-	c:\program files\Internet Explorer\sqmapi.dll
2013-05-15 14:56 . 2013-04-04 22:00	768512	----a-w-	c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2013-05-15 14:56 . 2013-04-04 21:57	420864	----a-w-	c:\windows\system32\vbscript.dll
2013-05-15 14:56 . 2013-04-04 21:59	194048	----a-w-	c:\program files\Internet Explorer\IEShims.dll
2013-05-15 09:58 . 2013-04-15 14:20	638328	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 09:58 . 2013-04-13 10:56	37376	----a-w-	c:\windows\system32\cdd.dll
2013-05-15 09:57 . 2013-04-09 01:36	2049024	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 08:47 . 2012-08-19 10:50	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-16 08:47 . 2012-08-19 10:50	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:58 . 2012-08-11 14:40	229648	----a-w-	c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2012-08-05 10:52	238872	------w-	c:\windows\system32\MpSigStub.exe
2013-05-01 13:16 . 2013-05-01 13:18	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-05-01 13:16 . 2012-09-29 08:54	866720	----a-w-	c:\windows\system32\npdeployJava1.dll
2013-05-01 13:16 . 2012-09-29 08:54	788896	----a-w-	c:\windows\system32\deployJava1.dll
2013-04-04 12:50 . 2012-08-10 18:09	22856	----a-w-	c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
2011-05-09 09:49	176936	----a-w-	c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}"= "c:\program files\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58	121968	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-11-22 270336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-10-17 6295552]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-09-30 122880]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"AML"="c:\program files\Sony\VAIO Launcher\AML.exe" [2008-09-09 1097728]
"Skytel"="Skytel.exe" [2008-10-17 1826816]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-10-14 776744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-11-05 16:32	98304	----a-w-	c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe"
"MarketingTools"=c:\program files\Sony\Marketing Tools\MarketingTools.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 22340143
*Deregistered* - 22340143
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 08:47]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=E42F00215DF25656
TCP: DhcpNameServer = 80.69.100.102 80.69.100.230
FF - ProfilePath - c:\users\Luzifer\AppData\Roaming\Mozilla\Firefox\Profiles\jjzm6vcr.default\
FF - ExtSQL: 2013-06-05 23:01; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-06-09 20:10; ffxtlbr@delta.com; c:\users\Luzifer\AppData\Roaming\Mozilla\Firefox\Profiles\jjzm6vcr.default\extensions\ffxtlbr@delta.com
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - e42f595e00000000000000215df25656
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15865
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.520:10
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119816
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-RunOnce-awde7zip19598 - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-06-09 21:48
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000042
.
Zeit der Fertigstellung: 2013-06-09  21:51:02
ComboFix-quarantined-files.txt  2013-06-09 19:50
.
Vor Suchlauf: 6 Verzeichnis(se), 153.826.940.928 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 154.251.663.360 Bytes frei
.
- - End Of File - - 2DB3DFEE3F0F8FD048513047F895ADC8
         

09.06.2013, 21:30   #12
markusg
/// Malware-holic

malwarebytes:
Please download Malwarebytes
  • Install the program to the default path. Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for updates
  • When the update has finished, select Perform full scan and press Scan.
  • When the scan has finished, click Show results.
  • Make sure that all findings are checked and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Logs".
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de as described in the instructions above.

Alt 10.06.2013, 08:03   #13
sweeby1982
 



Hi,
here is the log from Malwarebytes, no findings.

Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.06.09.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Luzifer :: LUZIFER-PC [Administrator]

09.06.2013 22:35:55
mbam-log-2013-06-09 (22-35-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 461719
Laufzeit: 1 Stunde(n), 43 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Hi,
I just booted the computer and the User Account Control prompt appeared again, this time with the name wssA015.tmp; I did not confirm it. The firewall again reported that avast was switched off, but it could be switched on without any problem.
I have to leave for the late shift now and will be back at the computer at the earliest tonight around 23:30, just so you know.

Regards, Sweeby

Alt 10.06.2013, 15:34   #14
markusg
/// Malware-holic
 



Hi,

download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save it as txt, and open the file.
After each program you need, write "notwendig" (necessary).
After each program you do not need, write "unnötig" (unnecessary).
After each program unknown to you, write "unbekannt" (unknown).
Post the list.

Alt 10.06.2013, 23:59   #15
sweeby1982
 



Good evening,
done... Unfortunately I have a lot of programs that were already installed at the factory. For many of them I am not at all sure whether I need them in any way. For those I write "ab Werk" (factory-installed) and hope that you can filter out the really useful things for me.
Code:
Adobe Acrobat  9 Standard - English, Français, Deutsch	Adobe Systems	03.12.2012	756MB	9.0.0 Notwendig
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	16.05.2013		11.7.700.202 Notwendig
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	16.05.2013		11.7.700.202 Notwendig 
Adobe Photoshop Elements 6.0	Adobe Systems, Inc.	05.08.2012	372MB	6.0 ab Werk
Adobe Premiere Elements 4.0	Ihr Firmenname	05.08.2012	1,71GB	4.0 ab Werk
Adobe Premiere Elements 4.0 Templates	Ihr Firmenname	05.08.2012	1,71GB	4.0.0 ab Werk
Adobe Reader X (10.1.7) - Deutsch	Adobe Systems Incorporated	14.05.2013	120MB	10.1.7 Notwendig
Alps Pointing-device for VAIO		24.11.2008	2,81MB Notwendig	
ArcSoft Magic-i Visual Effects 2	ArcSoft	05.08.2012	34,2MB	2.0.1.39 Notwendig
ArcSoft WebCam Companion 2	ArcSoft	05.08.2012	24,2MB	Notwendig
ATI Catalyst Install Manager	ATI Technologies, Inc.	05.08.2012	13,6MB	3.0.682.0 Notwendig
avast! Free Antivirus	AVAST Software	08.06.2013	346MB	8.0.1489.0 Notwendig
Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter	Sony Corporation	05.08.2012	56,4MB	2.5 ab Werk
Bundled software uninstaller		09.06.2013	218KB	Unbekannt
CCleaner	Piriform	24.05.2013	5,60MB	4.02 Notwendig
Click to Disc	Sony Corporation	05.08.2012	70,4MB	1.2.52.09250 ab Werk
Click to Disc Editor	Sony Corporation	05.08.2012	185MB	1.2.51 ab Werk
Compatibility Pack für 2007 Office System	Microsoft Corporation	09.01.2013	5,84MB	12.0.6612.1000 ab Werk
Converter version 0.1		25.01.2013		0.1 Unbekannt
DivX Codec	DivX, Inc.	05.08.2012	1,40MB	6.8.4 ab Werk
DivX Converter	DivX, Inc.	05.08.2012	30,3MB	6.6.1 ab Werk
DivX Player		05.08.2012	15,3MB	6.8.2 ab Werk
DivX Web Player	DivX,Inc.	05.08.2012	2,91MB	1.4.0 ab Werk
Dolby Control Center	Dolby	24.11.2008	46,9MB	1.2.0702 ab Werk
DVDVideoSoftTB DE Toolbar	DVDVideoSoftTB DE	30.11.2012	4,85MB	6.9.0.16 Unnötig
eMule		19.08.2012	10,6MB	 Unnötig
Free PDF to Word Doc Converter v1.1	Free PDF to Word Doc Converter - easy and powerful pdf converter software.	10.10.2012	2,73MB	1.1 Unnötig
Free YouTube Download version 3.1.42.1212	DVDVideoSoft Ltd.	11.01.2013	5,82MB	3.1.42.1212 Unnötig
Free YouTube to MP3 Converter version 3.11.36.1201	DVDVideoSoft Ltd.	11.12.2012	15,1MB	3.11.36.1201 Unnötig
HDAUDIO SoftV92 Data Fax Modem with SmartCP		24.11.2008	1,01MB	ab Werk
IB Updater Service		08.06.2013		3.0.5.4 Unbekannt
Intel(R) PROSet/Wireless WiFi-Software	Intel(R) Corporation	05.08.2012	78,1MB	12.01.1000 ab Werk
Java 7 Update 21	Oracle	01.05.2013	129MB	7.0.210 Notwendig
Java(TM) 6 Update 7	Sun Microsystems, Inc.	24.11.2008	171MB	1.6.0.70 Notwendig
K-Lite Codec Pack 9.5.0 (Full)		03.12.2012	86,8MB	9.5.0 Notwendig
Malwarebytes Anti-Malware Version 1.75.0.1300	Malwarebytes Corporation	26.04.2013	11,8MB	1.75.0.1300 Notwendig
Me&My VAIO	Sony Corporation	05.08.2012	69,8MB	1.0.0.11140 ab Werk
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	08.08.2012	36,7MB ab Werk
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	05.08.2012	27,6MB	ab Werk
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	05.08.2012	120MB	4.0.30319 ab Werk
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	05.08.2012	24,4MB	4.0.30319 ab Werk
Microsoft Office Enterprise 2007	Microsoft Corporation	08.09.2012	638MB	12.0.6612.1000 ab Werk
Microsoft Office File Validation Add-In	Microsoft Corporation	13.09.2012	7,95MB	14.0.5130.5003 ab Werk
Microsoft Office Home and Student 2007	Microsoft Corporation	08.09.2012	295MB	12.0.6612.1000 ab Werk
Microsoft Office Live Add-in 1.5	Microsoft Corporation	11.09.2012	504KB	2.0.4024.1 ab Werk
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	09.01.2013	3,39MB	12.0.6612.1000 ab Werk
Microsoft Office Suite Activation Assistant	Microsoft Corporation	05.08.2012	7,96MB	2.9 ab Werk
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	08.09.2012	294KB	8.0.61001 ab Werk
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	02.06.2013	234KB	9.0.30729 ab Werk
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	11.08.2012	592KB	9.0.30729.4148 ab Werk
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	08.09.2012	598KB	9.0.30729.6161 ab Werk
Microsoft Works	Microsoft Corporation	10.10.2012	376MB	9.7.0621 ab Werk
Mozilla Firefox 21.0 (x86 de)	Mozilla	25.05.2013	44,6MB	21.0 Notwendig
Mozilla Maintenance Service	Mozilla	25.05.2013	202KB	21.0 Unbekannt
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	05.08.2012	35,0KB	4.20.9870.0 Unbekannt
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	05.08.2012	1,33MB	4.20.9876.0 Unbekannt
Music Transfer	Sony Corporation	05.08.2012	40,6MB	1.2.00.17290 ab Werk
OpenMG Secure Module 5.1.00	Sony Corporation	05.08.2012		5.1.00.05200 Unbekannt
Picasa 2	Google, Inc.	05.08.2012	34,9MB	2.0 Unnötig
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	24.11.2008	26,4MB	6.0.1.5653 ab Werk
Roxio Easy Media Creator 10 LJ	Roxio	05.08.2012	5,22MB	10.1 ab Werk
RYL2NORTHPOLE		21.02.2013	2,72GB	Unnötig
RYL2NORTHPOLE v2025		21.02.2013	2,73GB	Unnötig
Setting Utility Series	Sony Corporation	05.08.2012	11,3MB	4.2.0.10150 ab Werk
Skype™ 5.10	Skype Technologies S.A.	12.09.2012	19,3MB	5.10.116 Notwendig
Software Info for Me&My VAIO	Sony Corporation	05.08.2012	264KB	1.0.0.09110 ab Werk
SonicStage Mastering Studio	Sony Corporation	05.08.2012	56,4MB	2.6 ab Werk
SonicStage Mastering Studio Audio Filter	Sony Corporation	05.08.2012	12,6MB	2.5 ab Werk
SonicStage Mastering Studio Plugins	Sony Corporation	05.08.2012	30,0MB	2.5 ab Werk
Sony Picture Utility	Sony Corporation	05.08.2012	387MB	3.3.01.09300 ab Werk
Sony Video Shared Library	Sony Corporation	05.08.2012	5,26MB	3.5.00 ab Werk
TeamSpeak 3 Client	TeamSpeak Systems GmbH	02.06.2013	60,2MB	3.0.10 Unnötig
Unterstützung für VAIO-Präsentation	Sony Corporation	05.08.2012	3,52MB	1.1.0.08250 ab Werk
Update Manager for SweetPacks 1.1	SweetIM Technologies Ltd.	25.01.2013	2,75MB	1.1.0008 Unbekannt
VAIO Content Folder Setting	Sony Corporation	05.08.2012	7,59MB	2.1.0.08260 ab Werk
VAIO Content Folder Watcher	Sony Corporation	05.08.2012	16,0MB	1.0.01.09030 ab Werk
VAIO Content Metadata Intelligent Analyzing Manager	Sony Corporation	05.08.2012	21,8MB	3.3.0.10012 ab Werk
VAIO Content Metadata Manager Setting	Sony Corporation	05.08.2012	3,17MB	3.3.0.09300 ab Werk
VAIO Content Metadata XML Interface Library	Sony Corporation	05.08.2012	2,55MB	3.3.0.09182 ab Werk
VAIO Control Center	Sony Corporation	05.08.2012	4,66MB	3.2.0.09120 ab Werk
VAIO Data Restore Tool	Sony Corporation	05.08.2012	6,49MB	1.0.04.01170 ab Werk
VAIO DVD Menu Data Basic	Sony Corporation	05.08.2012	541MB	1.0.00.08130 ab Werk
VAIO Edit Components 6.5	Sony Corporation	05.08.2012	35,6MB	6.5 ab Werk 
VAIO Energie Verwaltung	Sony Corporation	24.11.2008	6,39MB	3.2.0.10310 ab Werk
VAIO Entertainment Platform	Sony Corporation	05.08.2012	4,73MB	3.2.3.10070 ab Werk
VAIO Event Service	Sony Corporation	05.08.2012	7,27MB	4.2.0.11060 ab Werk
VAIO Launcher	Sony Corporation	05.08.2012	7,44MB	2.2.0.09090 ab Werk
VAIO Marketing Tools	Sony Corporation	05.08.2012	586KB ab Werk	
VAIO Media plus	Sony Corporation	05.08.2012	54,8MB	1.2.0.10230 ab Werk
VAIO Media plus Opening Movie	Sony Corporation	05.08.2012	21,0MB	1.2.0.09100 ab Werk
VAIO Movie Story	Sony Corporation	05.08.2012	57,2MB	1.3.01.08060 ab Werk
VAIO Movie Story Template Data	Sony Corporation	05.08.2012	398MB	1.3.00.06120 ab Werk
VAIO MusicBox	Sony Corporation	05.08.2012	64,4MB	2.1.1.09160 ab Werk
VAIO MusicBox Sample Music	Sony Corporation	05.08.2012	90,2MB	1.1.00.14140 ab Werk
VAIO Original Function Setting	Sony Corporation	05.08.2012	7,16MB	1.5.00.08150 ab Werk
VAIO Smart Network	Sony Corporation	05.08.2012	24,4MB	2.2.0.11210 ab Werk
VAIO Update 4	Sony Corporation	05.08.2012	2,44MB	4.0.0.08280 ab Werk
VAIO Wallpaper Contents	Sony Corporation	05.08.2012	133MB	1.3.0.10310 ab Werk
VLC media player 2.0.5	VideoLAN	23.03.2013	94,7MB	2.0.5 Notwendig
WIDCOMM Bluetooth Software 6.2.0.5800	Broadcom Corporation	24.11.2008	70,7MB	6.2.0.5800 Notwendig
WinDVD BD for VAIO	InterVideo Inc.	05.08.2012	110MB	8.0-B9.617 ab Werk
         
