Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.06.2013, 07:55   #1
tam
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



Hallo,
seit gestern nachmittag habe ich Probleme mit meinem Laptop. Zuvor funktionierte alles ganz normal, nach dem ich ihn auf der Arbeit heruntergefahren habe und zu Hause wieder angeschaltet hab, wurde keine Webseite mehr geladen, Fehlermeldung: Chrome konnte keine Verbindung zu....herstellen. Nachdem ich an einem anderen PC im Netz gesucht habe, was das Problem sein könnte, bin ich mir nun nicht mehr sicher, ob ich mir nicht irgendetwas eingefangen hab. Ich hatte Avast laufen, bin aber dann drauf gekommen, dass sich Webseiten wieder laden, wenn ich ihn abschalte. Ich hatte mir Malwarebytes runtergeladen und installiert, aber der ist jedesmal abgestürzt. Dann hab ich versucht Avast erstmal zu deinstallieren, dagegen hatte er sich gestern erstmal gewehrt, das hat aber jetzt nach einem Neustart geklappt. CCleaner hab ich auch laufen lassen. Inzwischen hab ich Avira installiert und Malwarebytes hat es tatsächlich jetzt geschafft mal durchzulaufen und jetzt gerade folgendes gefunden: PUP.InstallBrain
Wie soll ich weiter vorgehen? Will jetzt nichts (mehr) falsch machen....

Alt 12.06.2013, 09:53   #2
markusg
/// Malware-holic
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



hi,
1. alle Malwarebytes Logs mit Funden posten:
http://www.trojaner-board.de/125889-...en-posten.html

2.

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 12.06.2013, 10:15   #3
tam
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



okay, hier erstmal das log von Malwarebytes
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.12.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
[Administrator]

12.06.2013 08:37:13
mbam-log-2013-06-12 (08-37-13).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 211928
Laufzeit: 10 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 1
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Derzeit läuft Avira nachdem Malwarebytes das in Quarantäne gestellt hat und irgendetwas in der Registry losging und Avira das geblockt hat. Im Moment ist er bei knapp 70 % und hat bereits 11 Funde! Bei dem ersten kurzen Scan nachdem ich Avira installiert hatte, hat er nichts gefunden. Solange Avira noch läuft werde ich wohl mit OTL warten müssen, oder?
__________________

Alt 12.06.2013, 10:44   #4
markusg
/// Malware-holic
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



ja, aber hier auch, alle Fundmeldungen posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 10:54   #5
tam
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



so, hier mal der Bericht von Avira:
Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 12. Juni 2013  09:09


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 7 Home Premium
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : SABINE-VAIO

Versionsinformationen:
BUILD.DAT      : 13.0.0.3640    54852 Bytes  18.04.2013 13:29:00
AVSCAN.EXE     : 13.6.0.1262   636984 Bytes  15.04.2013 18:23:10
AVSCANRC.DLL   : 13.4.0.360     64800 Bytes  07.12.2012 07:39:19
LUKE.DLL       : 13.6.0.1262    65080 Bytes  15.04.2013 18:31:37
AVSCPLR.DLL    : 13.6.0.1262    92216 Bytes  15.04.2013 18:23:21
AVREG.DLL      : 13.6.0.1262   247864 Bytes  15.04.2013 18:22:59
avlode.dll     : 13.6.2.1262   432184 Bytes  15.04.2013 18:22:38
avlode.rdf     : 13.0.0.38      15231 Bytes  22.03.2013 10:51:36
VBASE000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 09:00:13
VBASE001.VDF   : 7.11.70.1       2048 Bytes  04.04.2013 09:00:13
VBASE002.VDF   : 7.11.70.2       2048 Bytes  04.04.2013 09:00:13
VBASE003.VDF   : 7.11.70.3       2048 Bytes  04.04.2013 09:00:13
VBASE004.VDF   : 7.11.70.4       2048 Bytes  04.04.2013 09:00:13
VBASE005.VDF   : 7.11.70.5       2048 Bytes  04.04.2013 09:00:13
VBASE006.VDF   : 7.11.70.6       2048 Bytes  04.04.2013 09:00:13
VBASE007.VDF   : 7.11.70.7       2048 Bytes  04.04.2013 09:00:13
VBASE008.VDF   : 7.11.70.8       2048 Bytes  04.04.2013 09:00:13
VBASE009.VDF   : 7.11.70.9       2048 Bytes  04.04.2013 09:00:13
VBASE010.VDF   : 7.11.70.10      2048 Bytes  04.04.2013 09:00:13
VBASE011.VDF   : 7.11.70.11      2048 Bytes  04.04.2013 09:00:13
VBASE012.VDF   : 7.11.70.12      2048 Bytes  04.04.2013 09:00:13
VBASE013.VDF   : 7.11.70.13      2048 Bytes  04.04.2013 09:00:13
VBASE014.VDF   : 7.11.70.103   136192 Bytes  05.04.2013 12:02:18
VBASE015.VDF   : 7.11.70.183   183808 Bytes  06.04.2013 09:17:03
VBASE016.VDF   : 7.11.71.9     145920 Bytes  08.04.2013 09:17:03
VBASE017.VDF   : 7.11.71.115   169472 Bytes  10.04.2013 08:19:36
VBASE018.VDF   : 7.11.71.197   172544 Bytes  11.04.2013 14:06:38
VBASE019.VDF   : 7.11.72.17    135168 Bytes  12.04.2013 11:30:42
VBASE020.VDF   : 7.11.72.103   158208 Bytes  15.04.2013 11:30:42
VBASE021.VDF   : 7.11.72.137   152064 Bytes  15.04.2013 11:30:42
VBASE022.VDF   : 7.11.72.223   159232 Bytes  16.04.2013 14:13:50
VBASE023.VDF   : 7.11.73.59    204288 Bytes  18.04.2013 11:13:10
VBASE024.VDF   : 7.11.73.60      2048 Bytes  18.04.2013 11:13:10
VBASE025.VDF   : 7.11.73.61      2048 Bytes  18.04.2013 11:13:10
VBASE026.VDF   : 7.11.73.62      2048 Bytes  18.04.2013 11:13:10
VBASE027.VDF   : 7.11.73.63      2048 Bytes  18.04.2013 11:13:10
VBASE028.VDF   : 7.11.73.64      2048 Bytes  18.04.2013 11:13:10
VBASE029.VDF   : 7.11.73.65      2048 Bytes  18.04.2013 11:13:10
VBASE030.VDF   : 7.11.73.66      2048 Bytes  18.04.2013 11:13:10
VBASE031.VDF   : 7.11.73.102    38912 Bytes  18.04.2013 11:13:10
Engineversion  : 8.2.12.28 
AEVDF.DLL      : 8.1.2.10      102772 Bytes  29.11.2012 10:25:33
AESCRIPT.DLL   : 8.1.4.106     483709 Bytes  11.04.2013 14:06:52
AESCN.DLL      : 8.1.10.4      131446 Bytes  26.03.2013 14:54:32
AESBX.DLL      : 8.2.5.12      606578 Bytes  29.11.2012 10:25:33
AERDL.DLL      : 8.2.0.88      643444 Bytes  25.01.2013 08:24:59
AEPACK.DLL     : 8.3.2.6       827767 Bytes  28.03.2013 12:20:31
AEOFFICE.DLL   : 8.1.2.56      205180 Bytes  08.03.2013 13:58:35
AEHEUR.DLL     : 8.1.4.286    5845369 Bytes  11.04.2013 14:06:52
AEHELP.DLL     : 8.1.25.2      258423 Bytes  29.11.2012 10:25:30
AEGEN.DLL      : 8.1.7.2       442741 Bytes  26.03.2013 14:54:32
AEEXP.DLL      : 8.4.0.20      192886 Bytes  15.04.2013 11:30:56
AEEMU.DLL      : 8.1.3.2       393587 Bytes  29.11.2012 10:25:29
AECORE.DLL     : 8.1.31.2      201080 Bytes  25.02.2013 14:47:15
AEBB.DLL       : 8.1.1.4        53619 Bytes  29.11.2012 10:25:29
AVWINLL.DLL    : 13.6.0.480     26480 Bytes  25.01.2013 08:25:06
AVPREF.DLL     : 13.6.0.480     51056 Bytes  25.01.2013 08:25:03
AVREP.DLL      : 13.6.0.480    178544 Bytes  25.01.2013 08:25:03
AVARKT.DLL     : 13.6.0.1262   258104 Bytes  15.04.2013 18:21:18
AVEVTLOG.DLL   : 13.6.0.1262   164920 Bytes  15.04.2013 18:22:27
SQLITE3.DLL    : 3.7.0.1       397704 Bytes  25.01.2013 08:25:19
AVSMTP.DLL     : 13.6.0.480     62832 Bytes  25.01.2013 08:25:04
NETNT.DLL      : 13.6.0.480     16240 Bytes  25.01.2013 08:25:15
RCIMAGE.DLL    : 13.4.0.360   4780832 Bytes  07.12.2012 07:39:21
RCTEXT.DLL     : 13.6.0.976     69344 Bytes  08.03.2013 13:58:59

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: c:\program files (x86)\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Mittwoch, 12. Juni 2013  09:09

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD1
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '156' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'vpnagent.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvXDSync.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '208' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ath_CoexAgent.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'adminservice.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'RIconMan.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamscheduler.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBDeviceInfoProvider.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'PsiService_2.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCFw.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamgui.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'VcmIAlzMgr.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'VAIO Gate.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'cAudioFilterAgent64.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtvStack.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'AthBtTray.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apoint.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmdc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'NokiaSuite.exe' - '194' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpfService64.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'VSNService.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'VSNClient.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'ApMsgFwd.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorIcon.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'ISBMgr.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBVolumeWatcher.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'vpnui.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apvfb.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apntex.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'ServiceLayer.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'NclUSBSrv64.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'NclMSBTSrvEx.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'VAIOUpdt.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'VUAgent.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'iviRegMgr.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCPerfService.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'listener.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHDs.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOHCImp.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'uCamMonitor.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSystemTray.exe' - '123' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '100' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'prevhost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'WINWORD.EXE' - '118' Modul(e) wurden durchsucht
Durchsuche Prozess 'splwow64.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'POWERPNT.EXE' - '107' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSystemTray.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'AcroRd32.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'AcroRd32.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '9' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSystemTray.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCSystemTray.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2800' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
    [0] Archivtyp: RSRC
    --> C:\Users\Sabine\AppData\Roaming\Dropbox\bin\Dropbox.exe
        [1] Archivtyp: RSRC
      --> C:\Program Files (x86)\PC Connectivity Solution\WUDFUpdate_01009.dll
          [2] Archivtyp: RSRC
        --> C:\Users\Sabine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\2356a449-5f356537
            [3] Archivtyp: ZIP
          --> VrJrzI.class
              [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.NS
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
          --> UWhfAU.class
              [FUND]      Enthält Erkennungsmuster des Exploits EXP/2012-1723.ES
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
          --> asrVnO.class
              [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.NT
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
          --> cEWCR.class
              [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.NV
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
          --> ewpxAUl.class
              [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Lamar.KY
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
          --> FpoRyv.class
              [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.NW
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
          --> Ila.class
              [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.NX
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
          --> kWXXT.class
              [FUND]      Enthält Erkennungsmuster des Exploits EXP/Dldr.Java.O
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
          --> lVFVd.class
              [FUND]      Enthält Erkennungsmuster des Exploits EXP/4681.AG
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
          --> OWAmOvNRW.class
              [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.NU
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
          --> TpOQkVyWc.class
              [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.MT
              [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Sabine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\2356a449-5f356537
  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.MT

Beginne mit der Desinfektion:
C:\Users\Sabine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\2356a449-5f356537
  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.MT
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '58c6e6a6.qua' verschoben!


Ende des Suchlaufs: Mittwoch, 12. Juni 2013  11:50
Benötigte Zeit:  2:40:07 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  28884 Verzeichnisse wurden überprüft
 551847 Dateien wurden geprüft
     12 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 551835 Dateien ohne Befall
   4695 Archive wurden durchsucht
     11 Warnungen
      1 Hinweise
 806055 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         
Dann würde ich jetzt mit OTL weitermachen

so, hier nun OTL Bericht:

Code:
ATTFilter
OTL logfile created on: 12.06.2013 12:09:27 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sabine\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 53,80% Memory free
7,96 Gb Paging File | 5,62 Gb Available in Paging File | 70,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,06 Gb Total Space | 471,05 Gb Free Space | 80,93% Space Free | Partition Type: NTFS
Drive E: | 3,80 Gb Total Space | 3,79 Gb Free Space | 99,92% Space Free | Partition Type: FAT32
 
Computer Name: SABINE-VAIO | User Name: Sabine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.12 11:19:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sabine\Desktop\OTL.exe
PRC - [2013.05.25 02:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Sabine\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.04.04 11:22:39 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.02.25 16:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.25 16:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.21 18:56:44 | 001,090,040 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.12.19 10:49:34 | 000,732,648 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.12.19 10:49:12 | 000,149,480 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012.10.12 15:02:44 | 000,054,760 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2012.08.17 10:38:52 | 000,522,232 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2012.08.17 10:38:24 | 000,479,224 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2012.08.06 14:27:08 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2011.04.29 17:20:18 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.04.24 08:02:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.03.05 16:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011.03.05 16:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011.02.23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011.02.21 12:55:08 | 000,113,824 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
PRC - [2011.02.21 12:55:08 | 000,067,232 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
PRC - [2011.02.15 11:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011.02.01 13:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 13:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2010.11.27 00:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.11.27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.13 18:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.05.20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.05.16 12:46:43 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013.05.16 12:46:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013.05.16 12:45:56 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013.03.13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.01.10 13:08:32 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll
MOD - [2013.01.10 13:08:32 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll
MOD - [2013.01.10 12:56:51 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 12:55:57 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 12:55:19 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 12:55:11 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 12:54:58 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.12.21 18:57:44 | 000,276,984 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.12.21 18:57:44 | 000,093,176 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
MOD - [2012.12.21 18:57:28 | 002,653,176 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.12.21 18:57:28 | 000,364,536 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.12.21 18:57:26 | 011,166,712 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.12.21 18:57:24 | 000,206,328 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.12.21 18:57:22 | 001,347,064 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.12.21 18:57:22 | 001,014,776 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.12.21 18:57:22 | 000,720,888 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.12.21 18:57:20 | 008,507,384 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.12.21 18:57:20 | 000,520,696 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.12.21 18:57:18 | 002,481,144 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.12.21 18:57:18 | 002,354,168 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.12.21 18:57:14 | 000,446,456 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.12.21 18:57:10 | 000,207,352 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
MOD - [2012.12.21 18:57:10 | 000,035,832 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
MOD - [2012.12.21 18:57:08 | 000,033,272 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
MOD - [2012.12.21 18:56:40 | 000,438,264 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
MOD - [2012.12.21 18:56:00 | 000,606,200 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.12.21 16:29:52 | 000,391,600 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.12.21 16:29:52 | 000,059,280 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.12.21 16:29:14 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2012.11.14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012.08.06 14:27:08 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe
MOD - [2011.09.06 15:14:42 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.08.06 14:27:08 | 000,156,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV - [2013.06.11 22:19:08 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.02.25 16:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.25 16:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.19 10:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.11.29 10:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.26 10:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV - [2012.10.12 15:02:44 | 000,054,760 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2012.08.17 10:38:24 | 000,479,224 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.03.30 13:27:14 | 000,237,328 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe -- (McComponentHostServiceSony)
SRV - [2011.08.12 17:35:30 | 000,971,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2011.07.19 05:45:52 | 000,104,096 | ---- | M] (Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe -- (DCDhcpService)
SRV - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2011.04.29 17:20:18 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.04.29 17:19:22 | 000,091,296 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011.04.24 08:02:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.03.29 08:13:25 | 002,361,344 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.03.05 16:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011.02.23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011.02.21 12:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011.02.21 12:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011.02.18 22:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2011.02.18 22:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2011.02.01 13:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 13:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.20 12:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.11.27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.05.20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.06 16:13:37 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.26 16:56:51 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.02.26 16:56:50 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.02.18 09:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.11.09 16:33:30 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012.11.09 16:33:30 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.11.09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.11.09 16:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.17 10:30:22 | 000,027,048 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2012.08.17 10:29:24 | 000,107,432 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2012.07.28 02:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.20 17:23:40 | 000,317,776 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011.06.21 02:03:42 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.04.29 17:19:36 | 000,288,416 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.04.29 17:19:36 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.04.29 17:19:36 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.04.29 17:19:36 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011.04.29 17:19:36 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.04.29 17:19:36 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.04.29 17:19:36 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.04.29 17:19:34 | 000,259,232 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.04.29 17:19:34 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.03.29 08:51:30 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.29 08:15:05 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.03.29 05:57:20 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.22 17:27:05 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.11.21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007.04.17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{43BC01C1-13FB-4588-B33D-A73B9ACCE8B0}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{B9BB60E4-803E-4D51-B46D-165E3ADB6371}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.1.20121012015120
FF - prefs.js..extensions.enabledAddons: %7B800b5000-a755-47e1-992b-48a1c1357f07%7D:1.5.3
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.7.0.3
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?barid={396DB6CB-268F-11E2-8828-78843CF86237}&src=2&crg=3.1010000.10025&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?barid={396DB6CB-268F-11E2-8828-78843CF86237}&src=2&crg=3.1010000.10025&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.23 14:21:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.01 20:04:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.30 10:05:46 | 000,000,000 | ---D | M]
 
[2012.01.18 20:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sabine\AppData\Roaming\mozilla\Extensions
[2013.06.11 16:49:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sabine\AppData\Roaming\mozilla\Firefox\Profiles\mcv1w1a9.default\extensions
[2013.06.11 16:49:24 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Sabine\AppData\Roaming\mozilla\Firefox\Profiles\mcv1w1a9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.07.26 16:08:41 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Sabine\AppData\Roaming\mozilla\Firefox\Profiles\mcv1w1a9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.09.19 18:43:33 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Sabine\AppData\Roaming\mozilla\Firefox\Profiles\mcv1w1a9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012.08.23 15:57:51 | 000,101,871 | ---- | M] () (No name found) -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\extensions\ciuvo-extension@icq.de.xpi
[2012.09.25 20:20:28 | 000,054,396 | ---- | M] () (No name found) -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\extensions\pricepeep@getpricepeep.com.xpi
[2012.12.01 20:08:48 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.06.11 16:49:20 | 000,189,128 | ---- | M] () (No name found) -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012.11.03 15:12:17 | 000,000,950 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\searchplugins\icqplugin-1.xml
[2012.07.13 16:21:12 | 000,000,950 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\searchplugins\icqplugin-2.xml
[2012.07.28 14:37:23 | 000,000,950 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\searchplugins\icqplugin-3.xml
[2012.08.04 15:52:50 | 000,000,950 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\searchplugins\icqplugin-4.xml
[2012.09.05 10:30:53 | 000,000,950 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\searchplugins\icqplugin-5.xml
[2012.07.24 14:48:30 | 000,000,168 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\searchplugins\icqplugin.gif
[2012.07.24 14:48:30 | 000,000,618 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\searchplugins\icqplugin.src
[2012.06.27 10:16:49 | 000,001,056 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\searchplugins\icqplugin.xml
[2012.11.04 16:52:25 | 000,003,915 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\mozilla\firefox\profiles\mcv1w1a9.default\searchplugins\sweetim.xml
[2012.12.01 20:04:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.02 17:18:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\extensions
[2012.11.02 17:18:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.01.23 14:21:40 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
File not found (No name found) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.11.29 10:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.29 11:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 11:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 11:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 11:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 11:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 11:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: about:home
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: WOT = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.12_0\
CHR - Extension: YouTube = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Zotero Connector = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\3.0.8.1_0\
CHR - Extension: AdBlock = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: avast! Online Security = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [Arovax AntiSpyware] C:\Program Files (x86)\Arovax AntiSpyware\arovaxantispyware.exe (Arovax)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [DIMUpdate wird heruntergeladen...1338924290338] "c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X6\PHOTO-PAINT\DIM.exe" "c:\programdata\corel\downloads\540240626_410003\1338924290338\dim_params.xml" -Launch=3 -uibase="c:\users\sabine\appdata\roaming\corel\messages\540240626_410003\de\messagecache1\workflow" File not found
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - Startup: C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sabine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {538793D5-659C-4639-A56C-A179AD87ED44} vpnweb.cab (Cisco AnyConnect Secure Mobility Client Web Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8553E4F-EC0A-4E94-918C-DCB010C78FBE}: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b87ad871-36e5-11e2-9ee1-78843cf86237}\Shell - "" = AutoRun
O33 - MountPoints2\{b87ad871-36e5-11e2-9ee1-78843cf86237}\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{3942788D-F1D2-4201-9BF0-003753DCCEB6} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
 
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: ICQ - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: NokiaSuite.exe - hkey= - key= - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.12 11:19:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sabine\Desktop\OTL.exe
[2013.06.12 08:30:01 | 000,000,000 | ---D | C] -- C:\Users\Sabine\AppData\Roaming\Avira
[2013.06.12 08:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.06.12 08:24:16 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.06.12 08:24:16 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.06.12 08:24:16 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.06.12 08:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.06.12 08:23:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.06.11 23:05:09 | 000,000,000 | ---D | C] -- C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy
[2013.06.11 23:05:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xp-AntiSpy
[2013.06.11 22:50:47 | 000,000,000 | ---D | C] -- C:\Users\Sabine\AppData\Roaming\PerformerSoft
[2013.06.11 22:50:46 | 000,019,632 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2013.06.11 22:50:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
[2013.06.11 22:50:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Performer
[2013.06.11 22:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Arovax
[2013.06.11 22:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arovax AntiSpyware
[2013.06.11 22:50:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Arovax AntiSpyware
[2013.06.11 22:49:55 | 003,599,329 | ---- | C] (Arovax Software) -- C:\Users\Sabine\Desktop\aas_2.1_setup_153.exe
[2013.06.11 22:37:11 | 000,000,000 | ---D | C] -- C:\Users\Sabine\AppData\Roaming\Malwarebytes
[2013.06.11 22:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.06.11 22:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.11 22:36:57 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.06.11 22:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.06.11 19:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013.06.11 19:48:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2013.06.11 19:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2013.06.11 17:13:08 | 000,000,000 | ---D | C] -- C:\Users\Sabine\AppData\Local\Programs
[2013.06.08 21:09:08 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013.05.20 12:25:45 | 000,000,000 | ---D | C] -- C:\Users\Sabine\Desktop\Ausmalbilder
[2013.05.15 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Sabine\AppData\Roaming\IsolatedStorage
[2013.05.15 14:13:06 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2013.05.15 14:12:53 | 000,000,000 | ---D | C] -- C:\Users\Sabine\AppData\Local\_
[2013.05.13 16:46:16 | 000,000,000 | ---D | C] -- C:\Users\Sabine\My Downloads
[2013.05.13 16:45:18 | 000,000,000 | ---D | C] -- C:\Users\Sabine\AppData\Roaming\FreeTorrentViewer
[2013.05.13 16:45:00 | 000,000,000 | ---D | C] -- C:\Users\Sabine\Local Settings
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.12 12:13:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.12 11:20:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.12 11:19:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sabine\Desktop\OTL.exe
[2013.06.12 11:13:15 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.12 08:41:48 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 08:41:48 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.12 08:33:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.12 08:33:49 | 3206,959,104 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.12 08:24:39 | 000,001,994 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.12 08:22:34 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2013.06.12 08:22:34 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2013.06.11 23:05:10 | 000,001,917 | ---- | M] () -- C:\Users\Sabine\Desktop\xp-AntiSpy.lnk
[2013.06.11 23:04:57 | 000,427,218 | ---- | M] () -- C:\Users\Sabine\Desktop\xp-AntiSpy_setup-deutsch_3.98-2.exe
[2013.06.11 22:50:44 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\PC Performer.lnk
[2013.06.11 22:50:24 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\Arovax AntiSpyware.lnk
[2013.06.11 22:50:05 | 003,599,329 | ---- | M] (Arovax Software) -- C:\Users\Sabine\Desktop\aas_2.1_setup_153.exe
[2013.06.11 22:37:03 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.11 19:51:16 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.11 19:51:16 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.11 19:51:16 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.11 19:51:16 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.11 19:51:16 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.10 18:02:05 | 000,000,454 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Sabine.job
[2013.06.09 09:56:55 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.06.08 22:39:01 | 000,001,502 | ---- | M] () -- C:\Users\Sabine\Desktop\Registry backup.reg
[2013.06.01 11:51:25 | 000,001,053 | ---- | M] () -- C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.06.01 11:51:14 | 000,001,023 | ---- | M] () -- C:\Users\Sabine\Desktop\Dropbox.lnk
[2013.05.16 12:40:27 | 000,423,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.12 08:24:39 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.11 23:05:10 | 000,001,917 | ---- | C] () -- C:\Users\Sabine\Desktop\xp-AntiSpy.lnk
[2013.06.11 23:04:54 | 000,427,218 | ---- | C] () -- C:\Users\Sabine\Desktop\xp-AntiSpy_setup-deutsch_3.98-2.exe
[2013.06.11 22:50:54 | 000,000,278 | ---- | C] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2013.06.11 22:50:53 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2013.06.11 22:50:44 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\PC Performer.lnk
[2013.06.11 22:50:24 | 000,000,858 | ---- | C] () -- C:\Users\Public\Desktop\Arovax AntiSpyware.lnk
[2013.06.11 22:37:03 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.10 15:09:10 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2013.02.06 11:48:19 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2013.02.06 11:48:00 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\hpcc3130.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.12 09:30:25 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\Dropbox
[2013.05.13 17:36:35 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\FreeTorrentViewer
[2012.11.04 18:42:24 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\GinyasBrowserCompanion
[2012.11.04 16:52:30 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\ICQ
[2012.05.25 18:51:48 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\ICQ Search
[2013.04.22 18:53:24 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\iolo
[2013.05.15 14:13:06 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\IsolatedStorage
[2012.07.31 22:01:04 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\Nokia
[2013.01.29 20:07:54 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\Notepad++
[2012.07.31 21:37:43 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\PC Suite
[2013.06.11 22:50:47 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\PerformerSoft
[2012.09.20 12:20:07 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\QuickScan
[2013.01.02 21:01:58 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\RavensburgerTipToi
[2011.12.24 21:36:17 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\Windows Live Writer
[2013.01.31 12:48:23 | 000,000,000 | ---D | M] -- C:\Users\Sabine\AppData\Roaming\Zotero
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2013.03.01 10:19:20 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2013.06.12 08:33:48 | 000,000,000 | ---D | M] -- C:\avast! sandbox
[2011.09.06 05:48:51 | 000,000,000 | ---D | M] -- C:\Documentation
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.12.24 20:16:19 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.02.06 11:47:29 | 000,000,000 | ---D | M] -- C:\HP Universal Print Driver
[2011.09.06 05:31:06 | 000,000,000 | ---D | M] -- C:\Intel
[2012.02.01 14:26:19 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.05.15 14:15:11 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.06.12 08:23:58 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.06.12 09:09:17 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.12.24 20:16:19 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.09.06 06:18:50 | 000,000,000 | -H-D | M] -- C:\SPLASH.000
[2011.09.06 06:18:29 | 000,000,000 | -H-D | M] -- C:\SPLASH.SYS
[2013.06.12 12:12:51 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.09.06 06:23:10 | 000,000,000 | ---D | M] -- C:\temp
[2013.02.10 15:09:42 | 000,000,000 | ---D | M] -- C:\Update
[2011.12.24 21:16:03 | 000,000,000 | R--D | M] -- C:\Users
[2011.12.24 21:50:15 | 000,000,000 | ---D | M] -- C:\VAIO Entertainment
[2011.09.06 06:23:21 | 000,000,000 | ---D | M] -- C:\VAIO Sample Contents
[2013.06.12 08:36:45 | 000,000,000 | ---D | M] -- C:\Windows
[2012.12.18 10:13:56 | 000,000,000 | ---D | M] -- C:\Wow
[2011.09.06 05:48:54 | 000,000,000 | ---D | M] -- C:\_FS_SWRINFO
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.21 05:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.10.11 19:30:28 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.11.04 18:58:06 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.04 18:58:07 | 000,001,110 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.02.25 15:46:44 | 000,000,454 | -H-- | C] () -- C:\Windows\Tasks\Norton Security Scan for Sabine.job
[2013.06.11 22:50:53 | 000,000,286 | ---- | C] () -- C:\Windows\Tasks\PC Performer_UPDATES.job
[2013.06.11 22:50:54 | 000,000,278 | ---- | C] () -- C:\Windows\Tasks\PC Performer_DEFAULT.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.07.13 03:21:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.07.13 03:21:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.07.13 03:21:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.07.13 03:21:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.07.13 03:21:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.07.13 03:21:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2011.02.22 17:27:05 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.02.22 17:27:05 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_2b0c50dc63f09dae\iaStor.sys
[2011.02.22 17:27:05 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_5b314ccea0aa569d\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.06.12 12:26:26 | 003,145,728 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat
[2013.06.12 12:26:26 | 000,262,144 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat.LOG1
[2011.12.24 21:16:09 | 000,000,000 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat.LOG2
[2011.12.24 23:46:33 | 000,065,536 | -HS- | M] () -- C:\Users\Sabine\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.12.24 23:46:33 | 000,524,288 | -HS- | M] () -- C:\Users\Sabine\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.12.24 23:46:33 | 000,524,288 | -HS- | M] () -- C:\Users\Sabine\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2013.05.24 00:15:36 | 000,065,536 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat{7a7e6ac9-c3d3-11e2-a8ba-78843cf86237}.TM.blf
[2013.05.24 00:15:36 | 000,524,288 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat{7a7e6ac9-c3d3-11e2-a8ba-78843cf86237}.TMContainer00000000000000000001.regtrans-ms
[2013.05.24 00:15:36 | 000,524,288 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat{7a7e6ac9-c3d3-11e2-a8ba-78843cf86237}.TMContainer00000000000000000002.regtrans-ms
[2012.09.30 22:43:18 | 000,065,536 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat{8cb5d579-0ac8-11e2-b2c0-8d853a3bb30c}.TM.blf
[2012.09.30 22:43:18 | 000,524,288 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat{8cb5d579-0ac8-11e2-b2c0-8d853a3bb30c}.TMContainer00000000000000000001.regtrans-ms
[2012.09.30 22:43:18 | 000,524,288 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat{8cb5d579-0ac8-11e2-b2c0-8d853a3bb30c}.TMContainer00000000000000000002.regtrans-ms
[2013.06.08 22:21:37 | 000,065,536 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat{a48e2328-d077-11e2-a6ef-78843cf86237}.TM.blf
[2013.06.08 22:21:37 | 000,524,288 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat{a48e2328-d077-11e2-a6ef-78843cf86237}.TMContainer00000000000000000001.regtrans-ms
[2013.06.08 22:21:37 | 000,524,288 | -HS- | M] () -- C:\Users\Sabine\ntuser.dat{a48e2328-d077-11e2-a6ef-78843cf86237}.TMContainer00000000000000000002.regtrans-ms
[2011.12.24 21:16:09 | 000,000,020 | -HS- | M] () -- C:\Users\Sabine\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >
         


Alt 12.06.2013, 11:42   #6
tam
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



und Extra.txt
Code:
ATTFilter
OTL Extras logfile created on: 12.06.2013 12:09:27 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sabine\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 53,80% Memory free
7,96 Gb Paging File | 5,62 Gb Available in Paging File | 70,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,06 Gb Total Space | 471,05 Gb Free Space | 80,93% Space Free | Partition Type: NTFS
Drive E: | 3,80 Gb Total Space | 3,79 Gb Free Space | 99,92% Space Free | Partition Type: FAT32
 
Computer Name: SABINE-VAIO | User Name: Sabine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04682D6E-9194-4FDA-9CED-C87C0F7CCF19}" = lport=445 | protocol=6 | dir=in | app=system | 
"{16F0596C-472A-44F1-987D-991CB4C5704A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{1C3B0A23-9AEF-4F7D-B939-0347EEE5A7DE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1E32D978-D26B-4F08-A7C5-278195962C59}" = lport=139 | protocol=6 | dir=in | app=system | 
"{2534EA55-25B3-4193-9C43-F2611A43FA43}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2910F519-DBD6-4310-A4EF-D33CFD18D322}" = rport=445 | protocol=6 | dir=out | app=system | 
"{2EEAAE20-0887-4E3E-9ECB-4F6CFCDBD55D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{335906CC-594E-44F2-9036-EEA7D2A62C3D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3B903B89-2F76-4226-A92A-4CDDB14353E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3E990AC8-F0A0-4DB6-8A25-2C7412221E6F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4571A56D-5D3A-4256-91F9-9CA0956747F4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{481822C5-645F-46F9-A79B-4A03FFE03646}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4A6A4CDF-93A9-4EE0-9127-CC484F30B757}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{5C17FFA3-4F2F-4955-859B-1FD905AF82EE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{64171365-47CF-4EBE-8E65-073B65939F5A}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{67ACA84A-233B-43BE-B917-9683D48B289E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6E4E76A3-0AF6-4F82-B220-E6888E4B70D6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{6E87BCC5-FBEC-4D14-B6A6-5635ABB28B92}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{77798BD3-F205-44F0-AB19-C3B0808CD1AF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{7A53A647-F6B1-40F9-83DF-DADA96AB26A5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{7E868C80-0B91-4196-B086-56519816D5E9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{82580085-E221-4DC3-9CEA-6CAB85CE0A17}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{82A2796D-2DCD-486A-B09F-474BFB794F66}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8A54D234-7EED-43F0-8A4F-F06AECFEAF06}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{99FB0A36-851C-4CFB-BA09-183C2EC6305D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9A47ADE1-740D-45BA-BFEE-1ED9A037E5BE}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9A6DB67B-ED5B-4FF4-992A-D4902920EC73}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A02684E4-A2DD-47D2-B635-889CC94A752F}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A0C04190-186E-40CE-B66E-BC025A1E0036}" = lport=53 | protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\dcdhcpservice.exe | 
"{A62E850F-E341-44E2-B58E-217C422DC8C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{B647D308-7B96-4994-BD1B-49533AD41B4B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C25578EE-244F-4F45-9BAD-995588A14324}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D087F2A3-E773-4838-A5FD-920B035CBF62}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{E1524197-B757-4C26-90F1-F44FD8476602}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{E59CBEA6-6DF0-4DC3-B4F3-08907F3DAE79}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{EECE1108-CC19-4DEB-8271-62647E9ED74C}" = lport=80 | protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AB2AD7-43CD-48EC-BE59-152BBF6C1BD0}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{04472324-8E70-47CC-8F98-AB09F1FEC774}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{0B85A101-48F9-488F-A859-A6447EE50004}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{0DFBEBC6-101A-43DF-9679-54C92486F48A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{123CFC11-786E-4009-B3C9-8546ACE88458}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{14F0C115-A5D8-4582-AE6D-9C7D747A03F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1FFA75DF-FA66-4953-8B80-07FF1CB89A5A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{211B1048-A1D1-4CD8-8159-E294095B7E12}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{275BF839-24E2-4322-A6F3-209642CC89D2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2957A0A7-B7CC-484E-B714-6909BBE54A4E}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{2BD54C05-69AA-4E91-A386-97A8D17A12A7}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe | 
"{2D0F0A68-C183-436C-99BC-E9B06169B216}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{31698AA8-8C2C-4895-B605-8885EC75F4FB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{370B4999-494F-4B0E-9FC9-1975ED33675A}" = dir=in | app=c:\users\sabine\appdata\local\microsoft\skydrive\skydrive.exe | 
"{3E1AE3DE-5B4E-4436-B4B0-6788CC1184AC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{3F8A9F7A-9DD2-448D-A367-72B41079CA9E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{4074E7B4-6CBC-4B1E-A5A6-04665762A117}" = protocol=17 | dir=in | app=c:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe | 
"{44706F2A-543E-400F-B59E-11BAF966DE88}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{521CB336-8FED-4664-8260-21D17AF3981E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{545D28AF-5F6D-418A-869C-F90450ADF7DA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{57EA5446-A278-416E-8DA9-5E7216E36471}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{59B81B48-D1C7-4AA2-BCCD-57D467CC1788}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe | 
"{60260034-B243-44EA-A4A3-AB26CE525987}" = protocol=6 | dir=in | app=c:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe | 
"{69D23672-828B-4C4A-AE7A-E499F17AC5DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6DE7209F-3ACE-4826-A354-271C2122FCF5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{7084F836-0347-4324-B032-098AA1DC745B}" = protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe | 
"{75225A1B-61FE-4B48-9E06-11DA85033CAA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7540E8A2-A39C-43E0-9BA7-30C50F119DEA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{7607F973-0BDC-4DEC-9459-E22A35E7EB76}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{838A3C19-78EB-48F5-B83F-C13A311F5948}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{898B8231-8552-4E9D-9F0D-22E94CB88411}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{8A5A7ED2-6373-41D0-AC88-9733DBA77415}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9EF564B1-EBEC-4657-9147-2187349EE3B6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{9FBC7748-AEA6-4224-B7A7-631C0A70C4F3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{AB4892DA-C13C-4521-8968-E930ED53C3E5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B10F69BD-6C2D-44B3-9A62-C70AD611C430}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{B3C76FEC-D662-47A1-ACEB-DA5834DED091}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{C18D8F0C-9DAE-431D-8F26-466D40DDA613}" = protocol=6 | dir=out | app=system | 
"{C5FC26D6-4F80-42CF-AF2C-949B2FF3E08E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{C88C0057-5B13-434E-B005-1B4601669E34}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{C9C0C8F5-7379-422E-8FFB-D2C6553FFA9B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{CB06E252-368B-4804-8107-168BFBA91E02}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{DA150018-CEAD-417C-886C-BD21E55BD827}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DB2DE0D9-372D-42A1-8444-A5E4EAF4A916}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{DCE2A952-C6D2-453C-89CE-393D7DBEA360}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{E52BBD90-5192-400F-8997-A871BEE19A87}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{E53430C4-3E47-4E41-A134-C9DFF1FF38C2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E7BD1861-FA50-4422-B4EC-8BDE67240054}" = protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe | 
"{F067753A-E306-4E4F-8E4C-438741474237}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{F4D9338A-9A0A-4320-8FB0-33F8B980768D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{F63C0FB0-C211-4FFF-AC0F-77A14FD8C20C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FBAA8F1C-EFD3-410B-9A3C-09B41022FC59}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{FF0E7364-BE0B-4B34-B80C-5F9C09B73EB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{2A157CAE-4044-4CEA-8BEC-8BD116ACE237}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{8B036BA8-5B36-49B5-AF88-6A2D161B9D21}C:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{AE7A5BDF-EF56-41DB-8F87-1E4A6B475BBE}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"TCP Query User{AF33B544-EF43-4E58-A9BB-BE8CD8CB0E46}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{D698731A-B55E-4F9F-AEC0-F81EF0A1C193}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freetorrentviewer\freetorrentviewer.exe | 
"UDP Query User{0CB05E65-D14F-411F-8F4D-87E2DB822612}C:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\sabine\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{3811CD56-881F-4CBE-82F5-4D2058F32ED7}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"UDP Query User{8CDE4B91-1496-47E1-984A-60C33A79C4F5}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{B4274E35-2013-4F84-9D01-DC748809FD97}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{FFAE85F8-0F25-4CD1-B644-F95D3B9C213D}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freetorrentviewer\freetorrentviewer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99E6C2F3-59B2-4308-B1CD-4928B55B7E30}" = VGClientX64
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 268.31
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}" = WinZip 16.5
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}" = VAIO Care
"{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}" = VESx64
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"{FD868C71-6CCF-42E2-B90D-0504AB0036FE}" = 64 Bit HP CIO Components Installer
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00476F3E-3C4D-4E02-B8BB-125350157EB9}" = Windows Live Mail
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{03426ED9-9D9C-4F71-B293-BBE6493367A2}" = Windows Live Mail
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{03E2EED4-368D-49EA-B1AC-8B615E37E16D}" = Windows Live Messenger
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" = 
"{048C8498-C20B-4AF7-9978-7A79E567D74C}" = Photo Common
"{058EDEC8-1873-4B49-9A08-54ADE9CC129B}" = Movie Maker
"{06EED60F-7FFC-43A7-936E-AA4A8BD948B4}" = Windows Live Writer
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play mit PlayStation®3
"{087D261B-73AE-4B8A-8F18-2EE80DD2ED8B}" = Фотоальбом
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D7BC86-7358-464C-8AD0-0D84B5F0A0C9}" = Remote Keyboard
"{0AD576A7-EDCE-469E-ADD7-1AC9DB200C6B}" = Windows Live Mail
"{0B783100-6F04-4E2F-B83D-0A9B4EEDE47A}" = Windows Live Writer Resources
"{0BC39E89-506A-4ADA-8924-27AEE2C97618}" = Windows Live Writer
"{0BFF2188-2D8E-4BE2-95D0-B3CCD4C6A0C9}" = Photo Common
"{0DF95460-2887-4011-9344-1959CDF18ADC}" = Photo Common
"{0E1BB4B4-00FF-45B1-914B-AB8D8B9862B3}" = Windows Live UX Platform Language Pack
"{1026DF85-1C0F-4839-888E-EB9D5B73CF46}" = Windows Live Writer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{115356B4-8E81-43DB-BB2A-19E5ED95FBAF}" = Фотоколекція
"{15F32CAE-4504-4F33-89F8-182FF38CA036}" = Windows Live Family Safety
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{182D3167-FE80-4DF6-96C2-84AC0ABA20D8}" = Windows Live Writer Resources
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19AFD9A4-B584-41C8-91EA-38EB2FC1BD50}" = Windows Live Messenger
"{1A79A578-4277-48AF-98A6-F9E48CF1B6D8}" = Windows Live Writer
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1D6F9A9A-DCF3-45A7-9B14-46DDA778313F}" = Windows Liven sähköposti
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{207E9B4C-48A9-47CE-BBC8-ACF0B2006351}" = Windows Live Mail
"{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Qualcomm Atheros Direct Connect
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{241F87F6-CEA4-4493-B4EE-0973C6088FEC}" = Windows Live Family Safety
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{254F7574-53A7-43D1-BC4D-B1E894AEE175}" = Windows Live Writer
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{262E7632-72F9-4CBE-9461-937F24106EF2}" = Windows Live Essentials
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
"{28B2947F-FC0B-4450-80E3-6DF698E824A6}" = Windows Liven peruspaketti
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker
"{2AC4C6D7-512D-4B78-A85B-2C16E748AB8E}" = Movie Maker
"{2B068A64-F867-44E9-8827-A795647C8730}" = Фотографии (общедоступная версия)
"{2B919309-7052-45A4-B1C8-5B4894E8648B}" = Windows Live Writer
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{306C7AEF-16C7-428D-93AA-99D4A4090243}" = Movie Maker
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{31846283-C955-4CE1-9297-8670BD0C9A7E}" = Windows Live Messenger
"{32AA7594-09A9-437F-9541-5F760509B752}" = Фотогалерия
"{330BBA5F-4A63-4545-900F-8446F205BA52}" = Windows Live Writer Resources
"{34C5AD54-3CCD-4935-AB8D-8527058B96F7}" = Windows Live UX Platform Language Pack
"{35CB7C2D-B421-46FC-89CF-3B630628876F}" = Windows Live Writer Resources
"{36BEC461-B58A-414D-993E-E2BDD1F1A14B}" = Movie Maker
"{373EF285-A2DC-44EB-8D79-18918F33CB3A}" = Windows Live Messenger
"{37FDD121-C443-4FD3-A213-2449B397C068}" = Windows Live Messenger
"{381AAE35-6FB5-437E-8DD9-9C5C733943ED}" = Windows Live Family Safety
"{38911305-6616-4D26-91DB-AD83B1F2DCF0}" = Windows Live Mail
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3A9ECD64-DE00-4779-A89E-C878513B2B37}" = Windows Live Writer Resources
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3D44D783-D027-4135-AC39-81E320ED2D3A}" = Windows Live Family Safety
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F459DA9-0D88-452E-97A4-5B69C8C8C6B5}" = Windows Live Family Safety
"{3FD0036E-236A-4EDD-894D-4374BEE64464}" = Windows Live UX Platform Language Pack
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{42B6C7E0-0DAE-488D-8DAF-838898102F19}" = Windows Live Writer
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{46A648D2-C097-41A3-A517-E709F045B6CD}" = Movie Maker
"{49B666FA-917B-48D7-B81D-E7F829CFC713}" = Windows Live Family Safety
"{49F068F2-4323-417B-AFC8-1E43F479D46C}" = Windows Live Essentials
"{49F8A207-E3A3-4DAF-A0CC-9A787F1D8424}" = Windows Live Family Safety
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA2A466-8031-403A-8236-5301B4E391FB}" = Windows Live UX Platform Language Pack
"{4AF53C99-315D-4536-873F-029D2D274AE2}" = Photo Common
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E55905B-849D-4633-9267-3EC77E24221A}" = Poczta usługi Windows Live
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5078CEC3-A56F-4080-8CD4-ED7BCBE5686B}" = Photo Common
"{50849B2C-097E-47A5-A076-6F11A939E093}" = Windows Live Mail
"{51449A7F-4820-4757-9236-87A3BE7B6F27}" = Windows Live Writer
"{51EF51B6-0D9F-4977-8F9D-A1E15017D2B7}" = Windows Live Mail
"{537B16E0-A39F-47CB-9C1E-50978862B108}" = Windows Live UX Platform Language Pack
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{55268806-FC27-4CA2-9CCA-1269FD4831FE}" = Windows Live Writer
"{56232E3D-7EA9-45E0-A371-26CD80510AF7}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5917D694-AFC3-46BF-8CAB-0DABAF9D6FCB}" = Windows Live UX Platform Language Pack
"{5A30E103-9FA6-4A23-A107-E1F5F174BB62}" = Windows Live Temel Parçalar
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}" = Remote Play with PlayStation 3
"{5FE3BC4E-2BD5-4D6B-8BC4-640A42626AAD}" = Почта Windows Live
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{6209125A-46C5-4099-96DC-72FD55B07C1C}" = Windows Live Writer Resources
"{62BBCDDC-4979-4E59-9D97-5B8E874C3191}" = Movie Maker
"{62CC9AF4-EDD9-43C8-9856-FFD60362CFA9}" = Windows Live Messenger
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = PMB VAIO Edition Guide
"{66DB6D91-BF91-480B-933D-7CB8B1E64D74}" = Windows Live Messenger
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6B8F13E2-F02B-445C-9A31-3C0E5D547CBA}" = Photo Common
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DA675F3-B549-4BDE-90FA-BEF8C3B87F00}" = Windows Live Mail
"{6EED9925-813E-4E4A-ABAA-9A8744C49510}" = Cisco AnyConnect Secure Mobility Client
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{701FE1BC-834A-4857-AF62-6EBA50CFBC78}" = Movie Maker
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{70BF63A5-DE6A-417C-AB93-5E31D0DA994E}" = Windows Live Writer
"{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7211F448-F865-4D37-B905-24D84E6C3E5E}" = Windows Live Writer Resources
"{72DFDA9F-C07B-40B6-BA5C-C4C04AFF883D}" = Windows Live Family Safety
"{73669388-1011-4B57-A90F-8B0415093AB2}" = Windows Live Writer
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur 
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{743FD554-A73F-4FE8-BE7B-C283D16297F9}" = Photo Common
"{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii
"{7607440C-FDCA-4210-9CD9-13D8F0DDAD0C}" = Windows Live Writer Resources
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{76E62ACD-1536-4AC7-9A2E-B7DB4F2ACE5E}" = Windows Live Family Safety
"{794D971F-7EC1-4F71-A51C-773074CAB8DA}" = Windows Live Writer
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{7A83618D-879A-4258-8B5E-5AD8B5F3EDD0}" = Windows Live Writer
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Atheros WiFi Driver Installation
"{7E41F42B-7ED8-4E15-A492-B93B287C027F}" = Windows Live Writer Resources
"{7E63F102-A9E9-4F4C-8004-BC62974736BF}" = Movie Maker
"{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}" = Windows Live UX Platform Language Pack
"{8146445E-B14D-4CBA-AB9A-728CF166DAC9}" = Windows Live Messenger
"{8176B9CA-F037-49C0-BD77-661B1DDCA6F3}" = Movie Maker
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{83C9377F-5ED1-4AD8-B113-7C876AEAF3AB}" = Windows Live Messenger
"{8502F597-4852-48BB-99E5-824AC4C057F0}" = Windows Live Family Safety
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}" = Windows Live Essentials
"{85CE9026-C02A-46B4-B08C-4C77CCCC54FF}" = Windows Live Family Safety
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{87425773-10F4-4858-8CBF-465093FA43DE}" = Windows Live Mail
"{88809C3E-8C92-4454-AEB7-B26166E3D6CD}" = Windows Live UX Platform Language Pack
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8AAEB5A5-A397-46B6-8AF3-B6DC790C4E48}" = Windows Live Messenger
"{8B583EF5-FA7B-4AE2-9008-51B7FD505886}" = VGClientX86
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E241C05-52BF-4862-AD1F-AAE465C0075B}" = Windows Live Mail
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{902C4E0E-89CE-43B9-BCC0-F3A91E987F99}" = Windows Live Writer
"{9038E0C6-9CB9-4380-8FA3-B6B30FA304CF}" = Основи Windows Live
"{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}" = Fotogaléria
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95D78710-DEE9-4577-9FC6-35BE431898DC}" = Windows Live Family Safety
"{96361BC7-B7C8-4594-AD89-813C371F4246}" = Windows Live Writer Resources
"{9636FF74-65AF-4714-90A4-08982C368100}" = Windows Live Family Safety
"{968B8056-7631-4204-9BFB-CF7E0965C31F}" = Windows Live Messenger
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{989889A7-D13D-4DA4-B059-B250784DFABC}" = Photo Common
"{9939B8FF-7D2D-4258-B5B9-B6BA8DD59905}" = Windows Live Mail
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9B4D3AFE-8679-4704-AA4C-BAB0E41870EF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C60D080-84E7-43A5-8ECA-28253D253BD7}" = Windows Live Essentials
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D3B7B6C-1493-441C-99B6-26A419354812}" = Windows Live Writer
"{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}" = Movie Maker
"{9F470E17-4FC3-4091-A508-D5347A16A2B9}" = Fotogalleriet
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A0E4C4A6-1CC7-4442-8CAE-2D825B7BC1C1}" = Windows Live Writer Resources
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{A17D2142-6D09-4C3D-AD24-FDF9EF3198C3}" = Windows Live Writer Resources
"{A19A8C25-272A-4CD6-8BA8-3772321A021B}" = Συλλογή φωτογραφιών
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A37F2060-813A-4325-9456-272B10EE75EF}" = Windows Live Essentials
"{A3D995FA-C9A0-4E7D-B430-3F7A6731B4D5}" = Windows Live UX Platform Language Pack
"{A412D7BD-FD86-461D-B385-CD8062F34131}" = Windows Live Messenger
"{A47EA9D4-BB87-415E-9239-28860434E5A0}" = Movie Maker
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A58FCEF4-3191-466C-8949-0FFFFFB7631D}" = Windows Live Writer Resources
"{A5DC64EE-2FC4-4C35-9975-639DD8499369}" = Windows Live Family Safety
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common
"{ABAF6F07-0D84-4700-948E-EC5042B9D978}" = Windows Live Mail
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ADE1F206-1365-4B14-9A24-4B1A7DD58BAC}" = Windows Live UX Platform Language Pack
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AE8044B5-FCA3-4EBE-AC78-0FB3A6E8DC76}" = Movie Maker
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B096A0E4-26A1-4E9F-8548-577964B9434B}" = Windows Live Essentials
"{B306F739-A414-4698-BFAD-0AB23F73D14F}" = Windows Live Messenger
"{B474FC1C-4619-4C99-8ECE-382D71627CCA}" = Windows Live Family Safety
"{B625668D-34AA-462D-AA32-44BFA70F08E7}" = Windows Live Messenger
"{B67B2671-2981-466B-BA14-25538AA871DC}" = Windows Live Messenger
"{B693A4C3-B708-4F25-978E-56CA2517914C}" = Windows Live UX Platform Language Pack
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B77D2795-23C0-4DBD-B7B5-CFB542D1FA3F}" = Windows Live Writer Resources
"{B7F31B9C-8775-4500-8E9D-6ABE9AE17CF4}" = Windows Live Essentials
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA068968-594F-40BE-8EE8-99119123C991}" = Windows Live UX Platform Language Pack
"{BAD4B8FA-4BDA-4A59-BE64-9741031680C7}" = Movie Maker
"{BE5FFB4F-FA58-48DF-BDA9-E7AE79DA9C3E}" = Windows Live Family Safety
"{BFA6D5AD-25EA-475F-AD80-ECD408C674AB}" = Movie Maker
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C0AA1615-49F8-4580-A329-63693C7C5127}" = Windows Live Family Safety
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2F1EBBF-9AC4-4E0B-A7F4-74C9C7AD4813}" = Galerie foto
"{C32F4F5A-C9FB-427C-9F6F-9DB157611FFF}" = Valokuvavalikoima
"{C346ACB1-BD21-402E-8F2D-E08E58AD1105}" = Windows Live Family Safety
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}" = Windows Live Essentials
"{C595F480-788A-4F8F-8277-1A91F32CA879}" = Windows Live Writer
"{C67BC332-A59A-4D40-977F-664F60AB21D8}" = Photo Common
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
"{C7929038-EDFB-416D-A2C9-CC65416DA0DF}" = Photo Common
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{C9D08433-5FDD-43C6-8482-7AFA7D891D98}" = Windows Live UX Platform Language Pack
"{CAEDA0C9-8B41-4D69-B4D6-5AC66AAF44FB}" = Photo Common
"{CD239A50-AD95-4A72-9D5F-D4FBD4B89417}" = Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CE44687E-BC21-4B69-B0AE-6BDFD6B5C327}" = Windows Live Messenger
"{CE542E0D-E056-4426-9F98-084C13E18641}" = Windows Live UX Platform Language Pack
"{D04EBB49-C985-4A38-8695-62000861293A}" = Raccolta foto
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D16E0F0C-5D10-45CF-A585-CE3689B5A913}" = Windows Live Writer
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D1952E4A-9F67-4693-A06D-DA8E0FB2B00D}" = Windows Live Essentials
"{D1F5A388-09C9-4998-A793-B15DCDEB3B42}" = Photo Common
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D4EA8070-20E0-4BAF-BC44-D166C292FEBE}" = Windows Live Writer Resources
"{D824AFCC-3408-4FB2-A6C9-28C660700DD4}" = Photo Common
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DAD85607-2C8E-43D5-B068-4B218F1A7DB8}" = Windows Live Mail
"{DB7B6508-2AAB-4F26-99D4-74559A2F5E42}" = Fotoğraf Galerisi
"{DFB0E1FE-B5DE-42D7-97A9-2A69FB530A73}" = Windows Live Messenger
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0E0FB88-D570-463E-A98E-733B7B656867}" = Photo Gallery
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{E22E95E7-0A26-4AEC-A907-390C568C5BC1}" = Windows Live Messenger
"{E354D495-5DA4-4CCF-AB39-080F6A4141BE}" = Fotogalleri
"{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E50E3DBC-46AA-4827-B2A6-F995D81DF526}" = Fotótár
"{E570053D-8ABC-4938-9E23-C634E08E7490}" = Windows Live Mail
"{E800ADC4-F459-42F5-89A2-E754634B010A}" = Windows Live Writer Resources
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{EC33D375-5164-4374-9061-43F5C6073219}" = Photo Common
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F009AAA8-7735-4A95-A87D-09DF838282E3}" = Windows Live Family Safety
"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F1CA7DAE-F998-499C-8CA5-FC58CA2416EC}" = Windows Live Essentials
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F29C9CFE-350A-42AC-A7C8-04154D5FE8A9}" = Windows Live Writer
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{F54A07A9-9716-4094-9E79-F5E929679FFF}" = Windows Live Writer Resources
"{F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}" = Galeria de Fotografias
"{F67CA22C-C11F-4573-8406-57F75BA06B51}" = Photo Gallery
"{F7304CCF-B4A0-49C7-88A8-CD3F28FFBF9A}" = Основные компоненты Windows Live
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA75723A-BF4A-40A2-BFCB-BBC320C27DC9}" = Windows Live Mail
"{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEFD91C5-A25D-48D9-89DA-0FB7BB8B3EF7}" = Windows Live Writer Resources
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Arovax AntiSpyware" = Arovax AntiSpyware 2.1.153
"Avira AntiVir Desktop" = Avira Free Antivirus
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client 
"DivX Setup" = DivX-Setup
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PC Performer_is1" = PC Performer
"Ravensburger tiptoi" = Ravensburger tiptoi
"Security Task Manager" = Security Task Manager 1.8g
"splashtop" = VAIO Quick Web Access
"VAIO Help and Support" = 
"VAIO Hero Screensaver - Summer 2011 Screensaver" = VAIO Hero Screensaver - Summer 2011 Screensaver
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"xp-AntiSpy" = xp-AntiSpy 3.98-2
"Zotero Standalone 4.0.8 (x86 en-US)" = Zotero Standalone 4.0.8 (x86 en-US)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"SkyDriveSetup.exe" = Microsoft SkyDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.12.2012 06:58:05 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 01.01.2013 13:01:35 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 02.01.2013 04:39:56 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 02.01.2013 18:25:38 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 04.01.2013 05:18:30 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 05.01.2013 09:08:53 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 06.01.2013 10:25:27 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 07.01.2013 06:16:15 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.01.2013 06:33:31 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.01.2013 06:54:18 | Computer Name = Sabine-VAIO | Source = WinMgmt | ID = 10
Description = 
 
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 12.06.2013 02:32:14 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CMainThread::applyHostConfigForNoVpn File: .\MainThread.cpp
Line:
 8285 Invoked Function: CHostConfigMgr::DeterminePublicInterface Return Code: -32571377
 (0xFE0F000F) Description: NETINTERFACE_ERROR_INTERFACE_NOT_AVAILABLE 
 
Error - 12.06.2013 02:32:14 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CMainThread::OnTimerExpired File: .\MainThread.cpp Line: 4556
Invoked
 Function: CMainThread::applyHostConfigForNoVpn Return Code: -32571377 (0xFE0F000F)
Description:
 NETINTERFACE_ERROR_INTERFACE_NOT_AVAILABLE 
 
Error - 12.06.2013 02:32:15 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CIPv4ChangeRouteHelper::FindBestRoute File: .\IPv4ChangeRouteHelper.cpp
Line:
 2660 Invoked Function: CIPv4RouteTable::FindMatchingRoute Return Code: -33095647 
(0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 12.06.2013 02:32:15 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CRouteMgr::UpdatePublicAddress File: .\RouteMgr.cpp Line: 
2169 Invoked Function: CChangeRouteTable::FindBestRouteInterface Return Code: -33095647
 (0xFE070021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED 
 
Error - 12.06.2013 02:34:09 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp
Line:
 633 Invoked Function: AddRoute Return Code: -33095642 (0xFE070026) Description: ROUTETABLE_ERROR_CREATEIPFORWARDENTRY_ALREADY_EXISTS
the
 interface appears to be available
 
Error - 12.06.2013 02:34:09 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp
Line:
 617 Invoked Function: DeleteRoute Return Code: -33095666 (0xFE07000E) Description:
 ROUTETABLE_ERROR_DELETEIPFORWARDENTRY_FAILED the interface appears to be available
 
Error - 12.06.2013 02:34:09 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CChangeRouteHelper::ClearRouteTable File: .\ChangeRouteHelper.cpp
Line:
 617 Invoked Function: DeleteRoute Return Code: -33095666 (0xFE07000E) Description:
 ROUTETABLE_ERROR_DELETEIPFORWARDENTRY_FAILED the interface appears to be available
 
Error - 12.06.2013 02:34:16 | Computer Name = Sabine-VAIO | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 376 Invoked
 Function: IRunnable::Run Return Code: -32047093 (0xFE17000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE

 
Error - 12.06.2013 02:35:04 | Computer Name = Sabine-VAIO | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::getDARTInstallDir File: .\mainfrm.cpp Line: 4618
Invoked
 Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Es sind keine
 Daten mehr verfügbar.   
 
Error - 12.06.2013 02:35:06 | Computer Name = Sabine-VAIO | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
 1127 NULL object. Cannot establish a connection at this time.
 
[ OSession Events ]
Error - 13.08.2012 09:27:36 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21561
 seconds with 13860 seconds of active time.  This session ended with a crash.
 
Error - 16.08.2012 14:31:10 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12254
 seconds with 8340 seconds of active time.  This session ended with a crash.
 
Error - 16.08.2012 15:06:34 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2107
 seconds with 1800 seconds of active time.  This session ended with a crash.
 
Error - 22.04.2013 07:43:12 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1693
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 03.06.2013 10:01:05 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14057
 seconds with 540 seconds of active time.  This session ended with a crash.
 
Error - 03.06.2013 15:24:40 | Computer Name = Sabine-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3128
 seconds with 2400 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 11.06.2013 23:12:08 | Computer Name = Sabine-VAIO | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 11.06.2013 23:12:15 | Computer Name = Sabine-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 12.06.2013 01:27:59 | Computer Name = Sabine-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 12.06.2013 01:28:09 | Computer Name = Sabine-VAIO | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 12.06.2013 02:20:56 | Computer Name = Sabine-VAIO | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 12.06.2013 02:21:33 | Computer Name = Sabine-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 12.06.2013 02:21:36 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7031
Description = Der Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 12.06.2013 02:22:34 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 avast! Firewall erreicht.
 
Error - 12.06.2013 02:22:34 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7000
Description = Der Dienst "avast! Firewall" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 12.06.2013 04:35:31 | Computer Name = Sabine-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows-Fehlerberichterstattungsdienst erreicht.
 
 
< End of report >
         

Alt 12.06.2013, 14:07   #7
markusg
/// Malware-holic
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 14:20   #8
tam
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



Hi, hier das Ergebnis:
Code:
ATTFilter
15:12:41.0928 3004  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:12:42.0368 3004  ============================================================
15:12:42.0368 3004  Current date / time: 2013/06/12 15:12:42.0368
15:12:42.0368 3004  SystemInfo:
15:12:42.0368 3004  
15:12:42.0368 3004  OS Version: 6.1.7601 ServicePack: 1.0
15:12:42.0368 3004  Product type: Workstation
15:12:42.0368 3004  ComputerName: SABINE-VAIO
15:12:42.0369 3004  UserName: Sabine
15:12:42.0369 3004  Windows directory: C:\Windows
15:12:42.0369 3004  System windows directory: C:\Windows
15:12:42.0369 3004  Running under WOW64
15:12:42.0369 3004  Processor architecture: Intel x64
15:12:42.0369 3004  Number of processors: 4
15:12:42.0369 3004  Page size: 0x1000
15:12:42.0369 3004  Boot type: Normal boot
15:12:42.0369 3004  ============================================================
15:12:43.0277 3004  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:12:43.0285 3004  Drive \Device\Harddisk1\DR1 - Size: 0xF3630000 (3.80 Gb), SectorSize: 0x200, Cylinders: 0x1F0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:12:43.0288 3004  ============================================================
15:12:43.0288 3004  \Device\Harddisk0\DR0:
15:12:43.0288 3004  MBR partitions:
15:12:43.0288 3004  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C06800, BlocksNum 0x32000
15:12:43.0288 3004  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C38800, BlocksNum 0x48C1FAB0
15:12:43.0288 3004  \Device\Harddisk1\DR1:
15:12:43.0289 3004  MBR partitions:
15:12:43.0289 3004  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x38, BlocksNum 0x79B148
15:12:43.0289 3004  ============================================================
15:12:43.0312 3004  C: <-> \Device\Harddisk0\DR0\Partition2
15:12:43.0313 3004  ============================================================
15:12:43.0313 3004  Initialize success
15:12:43.0313 3004  ============================================================
15:16:01.0677 8628  ============================================================
15:16:01.0677 8628  Scan started
15:16:01.0677 8628  Mode: Manual; SigCheck; TDLFS; 
15:16:01.0677 8628  ============================================================
15:16:02.0270 8628  ================ Scan system memory ========================
15:16:02.0270 8628  System memory - ok
15:16:02.0271 8628  ================ Scan services =============================
15:16:02.0505 8628  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:16:02.0840 8628  1394ohci - ok
15:16:02.0936 8628  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:16:03.0051 8628  ACDaemon - ok
15:16:03.0099 8628  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:16:03.0156 8628  ACPI - ok
15:16:03.0173 8628  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:16:03.0261 8628  AcpiPmi - ok
15:16:03.0329 8628  [ E5568164C070A4988BD79C896920B3C6 ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
15:16:03.0370 8628  acsock - ok
15:16:03.0443 8628  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:16:03.0482 8628  AdobeARMservice - ok
15:16:03.0606 8628  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:16:03.0658 8628  AdobeFlashPlayerUpdateSvc - ok
15:16:03.0726 8628  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:16:03.0786 8628  adp94xx - ok
15:16:03.0826 8628  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:16:03.0878 8628  adpahci - ok
15:16:03.0900 8628  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:16:03.0946 8628  adpu320 - ok
15:16:03.0985 8628  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:16:04.0298 8628  AeLookupSvc - ok
15:16:04.0340 8628  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
15:16:04.0434 8628  AFD - ok
15:16:04.0491 8628  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:16:04.0528 8628  agp440 - ok
15:16:04.0576 8628  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:16:04.0645 8628  ALG - ok
15:16:04.0678 8628  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:16:04.0712 8628  aliide - ok
15:16:04.0733 8628  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:16:04.0766 8628  amdide - ok
15:16:04.0800 8628  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:16:04.0850 8628  AmdK8 - ok
15:16:04.0869 8628  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:16:04.0924 8628  AmdPPM - ok
15:16:05.0010 8628  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:16:05.0050 8628  amdsata - ok
15:16:05.0083 8628  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:16:05.0129 8628  amdsbs - ok
15:16:05.0160 8628  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:16:05.0196 8628  amdxata - ok
15:16:05.0373 8628  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:16:05.0413 8628  AntiVirSchedulerService - ok
15:16:05.0491 8628  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:16:05.0516 8628  AntiVirService - ok
15:16:05.0573 8628  [ 12BFA9EC4B03CC16BB7D19BAA308AEF2 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
15:16:05.0624 8628  ApfiltrService - ok
15:16:05.0666 8628  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
15:16:05.0923 8628  AppID - ok
15:16:05.0969 8628  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:16:06.0086 8628  AppIDSvc - ok
15:16:06.0140 8628  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
15:16:06.0213 8628  Appinfo - ok
15:16:06.0263 8628  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
15:16:06.0302 8628  arc - ok
15:16:06.0336 8628  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:16:06.0376 8628  arcsas - ok
15:16:06.0398 8628  [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:16:06.0425 8628  ArcSoftKsUFilter - ok
15:16:06.0518 8628  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:16:06.0554 8628  aspnet_state - ok
15:16:06.0587 8628  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:16:06.0696 8628  AsyncMac - ok
15:16:06.0744 8628  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:16:06.0777 8628  atapi - ok
15:16:06.0813 8628  [ 50F257E19554421B6891E3F998EDCA90 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
15:16:06.0877 8628  AthBTPort - ok
15:16:06.0929 8628  [ 4119870B90E1B5E7797D6433D21F9216 ] ATHDFU          C:\Windows\System32\Drivers\AthDfu.sys
15:16:06.0997 8628  ATHDFU - ok
15:16:07.0099 8628  [ 650F111D5CDA64C10AE4B9D1BA9D4FFF ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
15:16:07.0152 8628  Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning
15:16:07.0152 8628  Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic (1)
15:16:07.0174 8628  [ EBC3119394C9074A9CD87578A435050D ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
15:16:07.0202 8628  AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
15:16:07.0202 8628  AtherosSvc - detected UnsignedFile.Multi.Generic (1)
15:16:07.0323 8628  [ A5E770426D18F8EF332A593F3289DA91 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:16:07.0504 8628  athr - ok
15:16:07.0602 8628  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:16:07.0751 8628  AudioEndpointBuilder - ok
15:16:07.0770 8628  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:16:07.0877 8628  AudioSrv - ok
15:16:07.0962 8628  [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:16:08.0004 8628  avgntflt - ok
15:16:08.0042 8628  [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:16:08.0084 8628  avipbb - ok
15:16:08.0102 8628  [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:16:08.0136 8628  avkmgr - ok
15:16:08.0175 8628  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:16:08.0287 8628  AxInstSV - ok
15:16:08.0340 8628  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:16:08.0419 8628  b06bdrv - ok
15:16:08.0476 8628  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:16:08.0534 8628  b57nd60a - ok
15:16:08.0580 8628  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:16:08.0650 8628  BDESVC - ok
15:16:08.0686 8628  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:16:08.0814 8628  Beep - ok
15:16:08.0879 8628  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
15:16:09.0029 8628  BFE - ok
15:16:09.0093 8628  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
15:16:09.0247 8628  BITS - ok
15:16:09.0287 8628  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:16:09.0339 8628  blbdrive - ok
15:16:09.0373 8628  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:16:09.0454 8628  bowser - ok
15:16:09.0499 8628  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:16:09.0562 8628  BrFiltLo - ok
15:16:09.0592 8628  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:16:09.0633 8628  BrFiltUp - ok
15:16:09.0702 8628  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
15:16:09.0782 8628  Browser - ok
15:16:09.0836 8628  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:16:09.0923 8628  Brserid - ok
15:16:09.0985 8628  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:16:10.0057 8628  BrSerWdm - ok
15:16:10.0110 8628  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:16:10.0168 8628  BrUsbMdm - ok
15:16:10.0201 8628  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:16:10.0245 8628  BrUsbSer - ok
15:16:10.0297 8628  [ B3BCD755FA9A359D10208CC9F09847CC ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
15:16:10.0378 8628  BTATH_A2DP - ok
15:16:10.0404 8628  [ 9BBBA9D6DBDEFC8A6542BC7A6EBAF710 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
15:16:10.0460 8628  btath_avdt - ok
15:16:10.0496 8628  [ D838DD1BCB328EFCFAD7A52DE9E3CAFD ] BTATH_BUS       C:\Windows\system32\drivers\btath_bus.sys
15:16:10.0555 8628  BTATH_BUS - ok
15:16:10.0593 8628  [ A441B800E04CF8443FAF519207563ABB ] BTATH_HCRP      C:\Windows\system32\drivers\btath_hcrp.sys
15:16:10.0677 8628  BTATH_HCRP - ok
15:16:10.0716 8628  [ B16F8429A35BBA2A8EF9DB2E08675B97 ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
15:16:10.0778 8628  BTATH_LWFLT - ok
15:16:10.0815 8628  [ C24231C6BDFE21735930084A22089AAB ] BTATH_RCP       C:\Windows\system32\drivers\btath_rcp.sys
15:16:10.0890 8628  BTATH_RCP - ok
15:16:10.0937 8628  [ 3632FA4C6B3CE9EC827690DEAC266D8C ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
15:16:11.0019 8628  BtFilter - ok
15:16:11.0066 8628  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:16:11.0129 8628  BthEnum - ok
15:16:11.0159 8628  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:16:11.0208 8628  BTHMODEM - ok
15:16:11.0243 8628  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:16:11.0307 8628  BthPan - ok
15:16:11.0359 8628  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:16:11.0435 8628  BTHPORT - ok
15:16:11.0481 8628  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:16:11.0586 8628  bthserv - ok
15:16:11.0622 8628  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:16:11.0672 8628  BTHUSB - ok
15:16:11.0707 8628  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:16:11.0824 8628  cdfs - ok
15:16:11.0860 8628  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:16:11.0915 8628  cdrom - ok
15:16:11.0952 8628  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:16:12.0066 8628  CertPropSvc - ok
15:16:12.0098 8628  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
15:16:12.0144 8628  circlass - ok
15:16:12.0175 8628  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:16:12.0230 8628  CLFS - ok
15:16:12.0287 8628  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:16:12.0325 8628  clr_optimization_v2.0.50727_32 - ok
15:16:12.0359 8628  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:16:12.0396 8628  clr_optimization_v2.0.50727_64 - ok
15:16:12.0446 8628  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:16:12.0486 8628  clr_optimization_v4.0.30319_32 - ok
15:16:12.0505 8628  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:16:12.0546 8628  clr_optimization_v4.0.30319_64 - ok
15:16:12.0588 8628  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:16:12.0642 8628  CmBatt - ok
15:16:12.0674 8628  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:16:12.0706 8628  cmdide - ok
15:16:12.0759 8628  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
15:16:12.0840 8628  CNG - ok
15:16:12.0931 8628  [ 1F394DF3714ED4280047810790E6DF69 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
15:16:13.0050 8628  CnxtHdAudService - ok
15:16:13.0095 8628  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:16:13.0128 8628  Compbatt - ok
15:16:13.0163 8628  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:16:13.0221 8628  CompositeBus - ok
15:16:13.0243 8628  COMSysApp - ok
15:16:13.0277 8628  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:16:13.0312 8628  crcdisk - ok
15:16:13.0354 8628  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:16:13.0438 8628  CryptSvc - ok
15:16:13.0561 8628  [ 75E3C4BB1ED032310EDCF5691A452B4B ] DCDhcpService   C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
15:16:13.0608 8628  DCDhcpService ( UnsignedFile.Multi.Generic ) - warning
15:16:13.0608 8628  DCDhcpService - detected UnsignedFile.Multi.Generic (1)
15:16:13.0670 8628  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:16:13.0794 8628  DcomLaunch - ok
15:16:13.0834 8628  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:16:13.0967 8628  defragsvc - ok
15:16:14.0001 8628  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:16:14.0118 8628  DfsC - ok
15:16:14.0173 8628  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:16:14.0257 8628  Dhcp - ok
15:16:14.0286 8628  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:16:14.0401 8628  discache - ok
15:16:14.0444 8628  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
15:16:14.0483 8628  Disk - ok
15:16:14.0518 8628  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:16:14.0587 8628  Dnscache - ok
15:16:14.0612 8628  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:16:14.0733 8628  dot3svc - ok
15:16:14.0756 8628  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:16:14.0864 8628  DPS - ok
15:16:14.0900 8628  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:16:14.0949 8628  drmkaud - ok
15:16:15.0005 8628  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:16:15.0089 8628  DXGKrnl - ok
15:16:15.0125 8628  [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
15:16:15.0192 8628  e1yexpress - ok
15:16:15.0237 8628  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:16:15.0353 8628  EapHost - ok
15:16:15.0461 8628  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:16:15.0620 8628  ebdrv - ok
15:16:15.0651 8628  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:16:15.0716 8628  EFS - ok
15:16:15.0778 8628  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:16:15.0893 8628  ehRecvr - ok
15:16:15.0910 8628  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:16:15.0957 8628  ehSched - ok
15:16:16.0017 8628  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:16:16.0078 8628  elxstor - ok
15:16:16.0096 8628  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:16:16.0146 8628  ErrDev - ok
15:16:16.0212 8628  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:16:16.0337 8628  EventSystem - ok
15:16:16.0386 8628  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:16:16.0493 8628  exfat - ok
15:16:16.0505 8628  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:16:16.0625 8628  fastfat - ok
15:16:16.0687 8628  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:16:16.0772 8628  Fax - ok
15:16:16.0814 8628  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
15:16:16.0863 8628  fdc - ok
15:16:16.0905 8628  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:16:17.0005 8628  fdPHost - ok
15:16:17.0020 8628  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:16:17.0132 8628  FDResPub - ok
15:16:17.0164 8628  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:16:17.0201 8628  FileInfo - ok
15:16:17.0220 8628  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:16:17.0333 8628  Filetrace - ok
15:16:17.0357 8628  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:16:17.0409 8628  flpydisk - ok
15:16:17.0448 8628  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:16:17.0502 8628  FltMgr - ok
15:16:17.0572 8628  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
15:16:17.0680 8628  FontCache - ok
15:16:17.0720 8628  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:16:17.0753 8628  FontCache3.0.0.0 - ok
15:16:17.0776 8628  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:16:17.0814 8628  FsDepends - ok
15:16:17.0837 8628  [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
15:16:17.0881 8628  fssfltr - ok
15:16:17.0986 8628  [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:16:18.0114 8628  fsssvc - ok
15:16:18.0151 8628  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:16:18.0185 8628  Fs_Rec - ok
15:16:18.0226 8628  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:16:18.0289 8628  fvevol - ok
15:16:18.0328 8628  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:16:18.0365 8628  gagp30kx - ok
15:16:18.0430 8628  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:16:18.0564 8628  gpsvc - ok
15:16:18.0634 8628  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:16:18.0660 8628  gupdate - ok
15:16:18.0679 8628  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:16:18.0703 8628  gupdatem - ok
15:16:18.0737 8628  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:16:18.0800 8628  hcw85cir - ok
15:16:18.0831 8628  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:16:18.0906 8628  HdAudAddService - ok
15:16:18.0936 8628  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:16:19.0000 8628  HDAudBus - ok
15:16:19.0036 8628  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:16:19.0085 8628  HidBatt - ok
15:16:19.0120 8628  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:16:19.0182 8628  HidBth - ok
15:16:19.0206 8628  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:16:19.0252 8628  HidIr - ok
15:16:19.0286 8628  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
15:16:19.0401 8628  hidserv - ok
15:16:19.0438 8628  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:16:19.0475 8628  HidUsb - ok
15:16:19.0503 8628  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:16:19.0621 8628  hkmsvc - ok
15:16:19.0661 8628  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:16:19.0751 8628  HomeGroupListener - ok
15:16:19.0779 8628  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:16:19.0848 8628  HomeGroupProvider - ok
15:16:19.0882 8628  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:16:19.0921 8628  HpSAMD - ok
15:16:19.0958 8628  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:16:20.0101 8628  HTTP - ok
15:16:20.0131 8628  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:16:20.0164 8628  hwpolicy - ok
15:16:20.0190 8628  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:16:20.0234 8628  i8042prt - ok
15:16:20.0263 8628  [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor          C:\Windows\system32\drivers\iaStor.sys
15:16:20.0301 8628  iaStor - ok
15:16:20.0399 8628  [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:16:20.0427 8628  IAStorDataMgrSvc - ok
15:16:20.0475 8628  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:16:20.0526 8628  iaStorV - ok
15:16:20.0657 8628  [ 6F3909A3D40CC9F4B28E03B027F918D8 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
15:16:20.0791 8628  IconMan_R ( UnsignedFile.Multi.Generic ) - warning
15:16:20.0791 8628  IconMan_R - detected UnsignedFile.Multi.Generic (1)
15:16:20.0854 8628  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:16:20.0950 8628  idsvc - ok
15:16:20.0983 8628  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:16:21.0020 8628  iirsp - ok
15:16:21.0068 8628  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:16:21.0214 8628  IKEEXT - ok
15:16:21.0243 8628  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:16:21.0277 8628  intelide - ok
15:16:21.0316 8628  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
15:16:21.0376 8628  intelppm - ok
15:16:21.0422 8628  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:16:21.0544 8628  IPBusEnum - ok
15:16:21.0578 8628  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:16:21.0681 8628  IpFilterDriver - ok
15:16:21.0727 8628  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:16:21.0812 8628  iphlpsvc - ok
15:16:21.0843 8628  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:16:21.0898 8628  IPMIDRV - ok
15:16:21.0934 8628  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:16:22.0057 8628  IPNAT - ok
15:16:22.0080 8628  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:16:22.0146 8628  IRENUM - ok
15:16:22.0181 8628  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:16:22.0214 8628  isapnp - ok
15:16:22.0258 8628  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:16:22.0309 8628  iScsiPrt - ok
15:16:22.0354 8628  [ F415A88162D23977B5EDAE4F0410E903 ] IviRegMgr       C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:16:22.0393 8628  IviRegMgr - ok
15:16:22.0425 8628  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
15:16:22.0462 8628  kbdclass - ok
15:16:22.0482 8628  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:16:22.0533 8628  kbdhid - ok
15:16:22.0563 8628  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:16:22.0594 8628  KeyIso - ok
15:16:22.0631 8628  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:16:22.0673 8628  KSecDD - ok
15:16:22.0712 8628  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:16:22.0756 8628  KSecPkg - ok
15:16:22.0792 8628  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:16:22.0903 8628  ksthunk - ok
15:16:22.0947 8628  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:16:23.0070 8628  KtmRm - ok
15:16:23.0121 8628  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:16:23.0255 8628  LanmanServer - ok
15:16:23.0281 8628  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:16:23.0402 8628  LanmanWorkstation - ok
15:16:23.0445 8628  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:16:23.0562 8628  lltdio - ok
15:16:23.0598 8628  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:16:23.0723 8628  lltdsvc - ok
15:16:23.0747 8628  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:16:23.0860 8628  lmhosts - ok
15:16:23.0916 8628  [ 98B16E756243BEA9410E32025B19C06F ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:16:23.0969 8628  LMS - ok
15:16:24.0001 8628  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:16:24.0040 8628  LSI_FC - ok
15:16:24.0063 8628  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:16:24.0103 8628  LSI_SAS - ok
15:16:24.0118 8628  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:16:24.0156 8628  LSI_SAS2 - ok
15:16:24.0176 8628  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:16:24.0216 8628  LSI_SCSI - ok
15:16:24.0263 8628  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:16:24.0386 8628  luafv - ok
15:16:24.0432 8628  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:16:24.0466 8628  MBAMProtector - ok
15:16:24.0555 8628  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:16:24.0615 8628  MBAMScheduler - ok
15:16:24.0670 8628  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:16:24.0743 8628  MBAMService - ok
15:16:24.0834 8628  [ 85B847819DAB74EFC23D5D3A8AC15A11 ] McComponentHostServiceSony C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe
15:16:24.0885 8628  McComponentHostServiceSony - ok
15:16:24.0921 8628  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:16:24.0979 8628  Mcx2Svc - ok
15:16:25.0018 8628  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:16:25.0053 8628  megasas - ok
15:16:25.0091 8628  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:16:25.0144 8628  MegaSR - ok
15:16:25.0182 8628  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
15:16:25.0211 8628  MEIx64 - ok
15:16:25.0251 8628  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:16:25.0368 8628  MMCSS - ok
15:16:25.0386 8628  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:16:25.0493 8628  Modem - ok
15:16:25.0517 8628  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:16:25.0580 8628  monitor - ok
15:16:25.0628 8628  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:16:25.0666 8628  mouclass - ok
15:16:25.0697 8628  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:16:25.0742 8628  mouhid - ok
15:16:25.0763 8628  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:16:25.0804 8628  mountmgr - ok
15:16:25.0865 8628  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:16:25.0904 8628  MozillaMaintenance - ok
15:16:25.0941 8628  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:16:25.0986 8628  mpio - ok
15:16:26.0000 8628  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:16:26.0111 8628  mpsdrv - ok
15:16:26.0156 8628  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:16:26.0291 8628  MpsSvc - ok
15:16:26.0309 8628  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:16:26.0386 8628  MRxDAV - ok
15:16:26.0417 8628  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:16:26.0478 8628  mrxsmb - ok
15:16:26.0504 8628  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:16:26.0552 8628  mrxsmb10 - ok
15:16:26.0586 8628  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:16:26.0649 8628  mrxsmb20 - ok
15:16:26.0685 8628  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:16:26.0713 8628  msahci - ok
15:16:26.0748 8628  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:16:26.0789 8628  msdsm - ok
15:16:26.0807 8628  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:16:26.0869 8628  MSDTC - ok
15:16:26.0902 8628  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:16:27.0013 8628  Msfs - ok
15:16:27.0029 8628  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:16:27.0124 8628  mshidkmdf - ok
15:16:27.0162 8628  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:16:27.0195 8628  msisadrv - ok
15:16:27.0226 8628  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:16:27.0349 8628  MSiSCSI - ok
15:16:27.0356 8628  msiserver - ok
15:16:27.0399 8628  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:16:27.0511 8628  MSKSSRV - ok
15:16:27.0531 8628  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:16:27.0623 8628  MSPCLOCK - ok
15:16:27.0646 8628  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:16:27.0735 8628  MSPQM - ok
15:16:27.0767 8628  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:16:27.0810 8628  MsRPC - ok
15:16:27.0843 8628  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:16:27.0872 8628  mssmbios - ok
15:16:27.0907 8628  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:16:27.0996 8628  MSTEE - ok
15:16:28.0020 8628  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:16:28.0049 8628  MTConfig - ok
15:16:28.0067 8628  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:16:28.0098 8628  Mup - ok
15:16:28.0132 8628  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:16:28.0245 8628  napagent - ok
15:16:28.0294 8628  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:16:28.0366 8628  NativeWifiP - ok
15:16:28.0432 8628  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:16:28.0512 8628  NDIS - ok
15:16:28.0554 8628  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:16:28.0634 8628  NdisCap - ok
15:16:28.0659 8628  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:16:28.0739 8628  NdisTapi - ok
15:16:28.0768 8628  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:16:28.0864 8628  Ndisuio - ok
15:16:28.0882 8628  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:16:28.0983 8628  NdisWan - ok
15:16:29.0007 8628  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:16:29.0094 8628  NDProxy - ok
15:16:29.0146 8628  [ 76C4D5C98A808D8C8E0C46280036FAF8 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:16:29.0175 8628  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:16:29.0176 8628  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:16:29.0204 8628  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:16:29.0297 8628  NetBIOS - ok
15:16:29.0327 8628  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:16:29.0417 8628  NetBT - ok
15:16:29.0439 8628  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:16:29.0465 8628  Netlogon - ok
15:16:29.0509 8628  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:16:29.0641 8628  Netman - ok
15:16:29.0678 8628  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:16:29.0723 8628  NetMsmqActivator - ok
15:16:29.0733 8628  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:16:29.0759 8628  NetPipeActivator - ok
15:16:29.0788 8628  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:16:29.0940 8628  netprofm - ok
15:16:29.0949 8628  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:16:29.0977 8628  NetTcpActivator - ok
15:16:29.0985 8628  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:16:30.0012 8628  NetTcpPortSharing - ok
15:16:30.0058 8628  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:16:30.0095 8628  nfrd960 - ok
15:16:30.0149 8628  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:16:30.0203 8628  NlaSvc - ok
15:16:30.0239 8628  [ 4903177FC90E77ABEB19021451E9475E ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
15:16:30.0337 8628  nmwcd - ok
15:16:30.0378 8628  [ E6844A4C97E5409BBE24BB4ED000320D ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
15:16:30.0465 8628  nmwcdc - ok
15:16:30.0496 8628  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:16:30.0595 8628  Npfs - ok
15:16:30.0619 8628  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:16:30.0720 8628  nsi - ok
15:16:30.0733 8628  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:16:30.0846 8628  nsiproxy - ok
15:16:30.0928 8628  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:16:31.0050 8628  Ntfs - ok
15:16:31.0080 8628  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:16:31.0183 8628  Null - ok
15:16:31.0231 8628  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:16:31.0276 8628  NVHDA - ok
15:16:31.0666 8628  [ 08D56435647BE1102C186F8F4819374D ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:16:32.0370 8628  nvlddmkm - ok
15:16:32.0433 8628  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:16:32.0467 8628  nvraid - ok
15:16:32.0489 8628  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:16:32.0522 8628  nvstor - ok
15:16:32.0567 8628  [ 98542102645308E9F5ADC61EBBBBFCFC ] NVSvc           C:\Windows\system32\nvvsvc.exe
15:16:32.0662 8628  NVSvc - ok
15:16:32.0687 8628  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:16:32.0730 8628  nv_agp - ok
15:16:32.0812 8628  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:16:32.0877 8628  odserv - ok
15:16:32.0900 8628  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:16:32.0956 8628  ohci1394 - ok
15:16:33.0021 8628  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:16:33.0067 8628  ose - ok
15:16:33.0105 8628  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:16:33.0165 8628  p2pimsvc - ok
15:16:33.0198 8628  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:16:33.0256 8628  p2psvc - ok
15:16:33.0276 8628  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
15:16:33.0318 8628  Parport - ok
15:16:33.0359 8628  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:16:33.0397 8628  partmgr - ok
15:16:33.0438 8628  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:16:33.0521 8628  PcaSvc - ok
15:16:33.0575 8628  [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
15:16:33.0643 8628  pccsmcfd - ok
15:16:33.0684 8628  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:16:33.0732 8628  pci - ok
15:16:33.0756 8628  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:16:33.0789 8628  pciide - ok
15:16:33.0808 8628  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:16:33.0857 8628  pcmcia - ok
15:16:33.0879 8628  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:16:33.0915 8628  pcw - ok
15:16:33.0948 8628  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:16:34.0084 8628  PEAUTH - ok
15:16:34.0179 8628  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:16:34.0221 8628  PerfHost - ok
15:16:34.0297 8628  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:16:34.0466 8628  pla - ok
15:16:34.0517 8628  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:16:34.0585 8628  PlugPlay - ok
15:16:34.0650 8628  [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:16:34.0705 8628  PMBDeviceInfoProvider - ok
15:16:34.0749 8628  [ D1A4DBB8A29F7FFC78378F47F9EA6B91 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:16:34.0790 8628  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:16:34.0790 8628  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:16:34.0818 8628  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:16:34.0875 8628  PNRPAutoReg - ok
15:16:34.0905 8628  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:16:34.0943 8628  PNRPsvc - ok
15:16:34.0979 8628  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:16:35.0121 8628  PolicyAgent - ok
15:16:35.0166 8628  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:16:35.0288 8628  Power - ok
15:16:35.0332 8628  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:16:35.0447 8628  PptpMiniport - ok
15:16:35.0477 8628  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
15:16:35.0529 8628  Processor - ok
15:16:35.0575 8628  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:16:35.0652 8628  ProfSvc - ok
15:16:35.0673 8628  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:16:35.0704 8628  ProtectedStorage - ok
15:16:35.0735 8628  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:16:35.0851 8628  Psched - ok
15:16:35.0906 8628  [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:16:35.0947 8628  PSI_SVC_2 - ok
15:16:36.0014 8628  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:16:36.0120 8628  ql2300 - ok
15:16:36.0148 8628  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:16:36.0191 8628  ql40xx - ok
15:16:36.0232 8628  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:16:36.0300 8628  QWAVE - ok
15:16:36.0316 8628  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:16:36.0384 8628  QWAVEdrv - ok
15:16:36.0444 8628  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
15:16:36.0488 8628  RapiMgr - ok
15:16:36.0505 8628  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:16:36.0620 8628  RasAcd - ok
15:16:36.0657 8628  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:16:36.0758 8628  RasAgileVpn - ok
15:16:36.0788 8628  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:16:36.0904 8628  RasAuto - ok
15:16:36.0928 8628  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:16:37.0034 8628  Rasl2tp - ok
15:16:37.0067 8628  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:16:37.0185 8628  RasMan - ok
15:16:37.0210 8628  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:16:37.0334 8628  RasPppoe - ok
15:16:37.0357 8628  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:16:37.0474 8628  RasSstp - ok
15:16:37.0505 8628  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:16:37.0636 8628  rdbss - ok
15:16:37.0661 8628  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:16:37.0706 8628  rdpbus - ok
15:16:37.0737 8628  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:16:37.0832 8628  RDPCDD - ok
15:16:37.0853 8628  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:16:37.0966 8628  RDPENCDD - ok
15:16:37.0977 8628  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:16:38.0075 8628  RDPREFMP - ok
15:16:38.0136 8628  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:16:38.0204 8628  RdpVideoMiniport - ok
15:16:38.0240 8628  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:16:38.0311 8628  RDPWD - ok
15:16:38.0353 8628  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:16:38.0401 8628  rdyboost - ok
15:16:38.0432 8628  [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi            C:\Windows\system32\drivers\regi.sys
15:16:38.0460 8628  regi - ok
15:16:38.0496 8628  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:16:38.0620 8628  RemoteAccess - ok
15:16:38.0668 8628  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:16:38.0790 8628  RemoteRegistry - ok
15:16:38.0829 8628  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:16:38.0898 8628  RFCOMM - ok
15:16:38.0933 8628  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:16:39.0058 8628  RpcEptMapper - ok
15:16:39.0093 8628  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:16:39.0144 8628  RpcLocator - ok
15:16:39.0180 8628  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:16:39.0285 8628  RpcSs - ok
15:16:39.0331 8628  [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
15:16:39.0377 8628  RSPCIESTOR - ok
15:16:39.0410 8628  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:16:39.0512 8628  rspndr - ok
15:16:39.0547 8628  [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:16:39.0597 8628  RTL8167 - ok
15:16:39.0639 8628  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:16:39.0670 8628  SamSs - ok
15:16:39.0703 8628  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:16:39.0743 8628  sbp2port - ok
15:16:39.0775 8628  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:16:39.0885 8628  SCardSvr - ok
15:16:39.0902 8628  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:16:40.0013 8628  scfilter - ok
15:16:40.0063 8628  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:16:40.0236 8628  Schedule - ok
15:16:40.0263 8628  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:16:40.0354 8628  SCPolicySvc - ok
15:16:40.0385 8628  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:16:40.0445 8628  sdbus - ok
15:16:40.0481 8628  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:16:40.0558 8628  SDRSVC - ok
15:16:40.0578 8628  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:16:40.0694 8628  secdrv - ok
15:16:40.0710 8628  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:16:40.0810 8628  seclogon - ok
15:16:40.0844 8628  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:16:40.0950 8628  SENS - ok
15:16:40.0992 8628  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:16:41.0064 8628  SensrSvc - ok
15:16:41.0118 8628  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:16:41.0171 8628  Serenum - ok
15:16:41.0194 8628  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
15:16:41.0254 8628  Serial - ok
15:16:41.0295 8628  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:16:41.0344 8628  sermouse - ok
15:16:41.0445 8628  [ 289E853881E688286AD24299FCC485D8 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
15:16:41.0527 8628  ServiceLayer - ok
15:16:41.0569 8628  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:16:41.0692 8628  SessionEnv - ok
15:16:41.0717 8628  [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP            C:\Windows\system32\drivers\SFEP.sys
15:16:41.0780 8628  SFEP - ok
15:16:41.0817 8628  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:16:41.0873 8628  sffdisk - ok
15:16:41.0896 8628  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:16:41.0959 8628  sffp_mmc - ok
15:16:41.0977 8628  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:16:42.0040 8628  sffp_sd - ok
15:16:42.0068 8628  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:16:42.0103 8628  sfloppy - ok
15:16:42.0149 8628  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:16:42.0276 8628  SharedAccess - ok
15:16:42.0314 8628  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:16:42.0449 8628  ShellHWDetection - ok
15:16:42.0484 8628  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:16:42.0521 8628  SiSRaid2 - ok
15:16:42.0552 8628  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:16:42.0592 8628  SiSRaid4 - ok
15:16:42.0648 8628  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:16:42.0794 8628  SkypeUpdate - ok
15:16:42.0833 8628  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:16:42.0955 8628  Smb - ok
15:16:42.0996 8628  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:16:43.0038 8628  SNMPTRAP - ok
15:16:43.0102 8628  [ DDF2EC98AF6FC70608A4F9CE4DB52758 ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:16:43.0139 8628  SOHCImp - ok
15:16:43.0154 8628  [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:16:43.0188 8628  SOHDs - ok
15:16:43.0255 8628  [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
15:16:43.0306 8628  SpfService - ok
15:16:43.0327 8628  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:16:43.0363 8628  spldr - ok
15:16:43.0415 8628  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:16:43.0493 8628  Spooler - ok
15:16:43.0618 8628  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:16:43.0869 8628  sppsvc - ok
15:16:43.0892 8628  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:16:44.0000 8628  sppuinotify - ok
15:16:44.0041 8628  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:16:44.0122 8628  srv - ok
15:16:44.0162 8628  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:16:44.0239 8628  srv2 - ok
15:16:44.0273 8628  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:16:44.0316 8628  srvnet - ok
15:16:44.0358 8628  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:16:44.0474 8628  SSDPSRV - ok
15:16:44.0541 8628  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:16:44.0635 8628  SstpSvc - ok
15:16:44.0718 8628  [ 5C2EE5A4CA1E782A9A23C620DAF5F223 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:16:44.0777 8628  Stereo Service - ok
15:16:44.0799 8628  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:16:44.0828 8628  stexstor - ok
15:16:44.0864 8628  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:16:44.0945 8628  stisvc - ok
15:16:44.0983 8628  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:16:45.0010 8628  swenum - ok
15:16:45.0049 8628  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:16:45.0165 8628  swprv - ok
15:16:45.0224 8628  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:16:45.0325 8628  SysMain - ok
15:16:45.0348 8628  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:16:45.0407 8628  TabletInputService - ok
15:16:45.0431 8628  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:16:45.0524 8628  TapiSrv - ok
15:16:45.0540 8628  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:16:45.0624 8628  TBS - ok
15:16:45.0713 8628  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:16:45.0828 8628  Tcpip - ok
15:16:45.0874 8628  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:16:45.0956 8628  TCPIP6 - ok
15:16:46.0016 8628  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:16:46.0047 8628  tcpipreg - ok
15:16:46.0082 8628  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:16:46.0133 8628  TDPIPE - ok
15:16:46.0161 8628  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:16:46.0195 8628  TDTCP - ok
15:16:46.0225 8628  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:16:46.0344 8628  tdx - ok
15:16:46.0375 8628  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:16:46.0413 8628  TermDD - ok
15:16:46.0450 8628  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:16:46.0578 8628  TermService - ok
15:16:46.0603 8628  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:16:46.0661 8628  Themes - ok
15:16:46.0696 8628  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:16:46.0793 8628  THREADORDER - ok
15:16:46.0812 8628  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:16:46.0933 8628  TrkWks - ok
15:16:46.0993 8628  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:16:47.0092 8628  TrustedInstaller - ok
15:16:47.0112 8628  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:16:47.0226 8628  tssecsrv - ok
15:16:47.0257 8628  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:16:47.0329 8628  TsUsbFlt - ok
15:16:47.0365 8628  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:16:47.0417 8628  TsUsbGD - ok
15:16:47.0465 8628  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:16:47.0581 8628  tunnel - ok
15:16:47.0611 8628  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:16:47.0648 8628  uagp35 - ok
15:16:47.0699 8628  [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor     C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:16:47.0748 8628  uCamMonitor - ok
15:16:47.0770 8628  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:16:47.0889 8628  udfs - ok
15:16:47.0928 8628  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:16:47.0985 8628  UI0Detect - ok
15:16:48.0016 8628  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:16:48.0054 8628  uliagpkx - ok
15:16:48.0092 8628  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:16:48.0142 8628  umbus - ok
15:16:48.0169 8628  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:16:48.0220 8628  UmPass - ok
15:16:48.0380 8628  [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:16:48.0543 8628  UNS - ok
15:16:48.0606 8628  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:16:48.0740 8628  upnphost - ok
15:16:48.0778 8628  [ 907F50B8695DAA65A9445D27AD306E65 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:16:48.0843 8628  upperdev - ok
15:16:48.0869 8628  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:16:48.0943 8628  usbccgp - ok
15:16:48.0969 8628  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:16:49.0021 8628  usbcir - ok
15:16:49.0042 8628  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:16:49.0088 8628  usbehci - ok
15:16:49.0126 8628  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
15:16:49.0193 8628  usbhub - ok
15:16:49.0224 8628  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:16:49.0269 8628  usbohci - ok
15:16:49.0307 8628  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:16:49.0369 8628  usbprint - ok
15:16:49.0406 8628  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:16:49.0457 8628  usbscan - ok
15:16:49.0508 8628  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\drivers\usbser.sys
15:16:49.0545 8628  usbser - ok
15:16:49.0590 8628  [ 3F7498527B48657091C355F683BEB0DD ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:16:49.0665 8628  UsbserFilt - ok
15:16:49.0702 8628  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:16:49.0757 8628  USBSTOR - ok
15:16:49.0776 8628  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:16:49.0822 8628  usbuhci - ok
15:16:49.0854 8628  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:16:49.0917 8628  usbvideo - ok
15:16:49.0956 8628  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
15:16:50.0075 8628  UxSms - ok
15:16:50.0141 8628  [ DCB1F83AD167D16D263CE57C94E9EEDF ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
15:16:50.0177 8628  VAIO Event Service - ok
15:16:50.0196 8628  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:16:50.0227 8628  VaultSvc - ok
15:16:50.0289 8628  [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
15:16:50.0370 8628  VCFw - ok
15:16:50.0450 8628  [ F19275655B42086C884ABCDAE2C659AE ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
15:16:50.0537 8628  VcmIAlzMgr - ok
15:16:50.0581 8628  [ 2F06D134554BA84FE253DBC481DCFE6D ] VcmINSMgr       C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
15:16:50.0653 8628  VcmINSMgr - ok
15:16:50.0674 8628  [ 32A3735F6874B7783C6209ED5CA36D9D ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
15:16:50.0716 8628  VcmXmlIfHelper - ok
15:16:50.0775 8628  [ 8F0840FF3A11D6B3F767AD6C79AC2A40 ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
15:16:50.0810 8628  VCService - ok
15:16:50.0842 8628  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:16:50.0877 8628  vdrvroot - ok
15:16:50.0925 8628  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
15:16:51.0065 8628  vds - ok
15:16:51.0099 8628  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:16:51.0142 8628  vga - ok
15:16:51.0160 8628  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:16:51.0273 8628  VgaSave - ok
15:16:51.0298 8628  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:16:51.0347 8628  vhdmp - ok
15:16:51.0369 8628  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:16:51.0403 8628  viaide - ok
15:16:51.0433 8628  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:16:51.0472 8628  volmgr - ok
15:16:51.0495 8628  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:16:51.0550 8628  volmgrx - ok
15:16:51.0584 8628  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:16:51.0637 8628  volsnap - ok
15:16:51.0711 8628  [ FADF60FF9C5E9B4C985E0EEB66170798 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
15:16:51.0776 8628  vpnagent - ok
15:16:51.0791 8628  [ BE7FE15AC90B9F02CBE011AE2426DD0F ] vpnva           C:\Windows\system32\DRIVERS\vpnva64.sys
15:16:51.0824 8628  vpnva - ok
15:16:51.0864 8628  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:16:51.0907 8628  vsmraid - ok
15:16:51.0979 8628  [ 03F6F618367CB16A2176B8DB4215D1F9 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
15:16:52.0092 8628  VSNService - ok
15:16:52.0158 8628  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
15:16:52.0328 8628  VSS - ok
15:16:52.0435 8628  [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent         C:\Program Files\Sony\VAIO Update\VUAgent.exe
15:16:52.0511 8628  VUAgent - ok
15:16:52.0526 8628  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:16:52.0588 8628  vwifibus - ok
15:16:52.0622 8628  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:16:52.0681 8628  vwififlt - ok
15:16:52.0728 8628  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:16:52.0791 8628  vwifimp - ok
15:16:52.0834 8628  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
15:16:52.0958 8628  W32Time - ok
15:16:52.0990 8628  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:16:53.0035 8628  WacomPen - ok
15:16:53.0080 8628  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:16:53.0191 8628  WANARP - ok
15:16:53.0198 8628  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:16:53.0290 8628  Wanarpv6 - ok
15:16:53.0358 8628  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:16:53.0484 8628  wbengine - ok
15:16:53.0506 8628  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:16:53.0569 8628  WbioSrvc - ok
15:16:53.0624 8628  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
15:16:53.0682 8628  WcesComm - ok
15:16:53.0706 8628  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:16:53.0783 8628  wcncsvc - ok
15:16:53.0817 8628  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:16:53.0890 8628  WcsPlugInService - ok
15:16:53.0925 8628  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
15:16:53.0960 8628  Wd - ok
15:16:54.0007 8628  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:16:54.0093 8628  Wdf01000 - ok
15:16:54.0124 8628  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:16:54.0245 8628  WdiServiceHost - ok
15:16:54.0252 8628  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:16:54.0300 8628  WdiSystemHost - ok
15:16:54.0334 8628  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
15:16:54.0412 8628  WebClient - ok
15:16:54.0441 8628  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:16:54.0566 8628  Wecsvc - ok
15:16:54.0587 8628  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:16:54.0694 8628  wercplsupport - ok
15:16:54.0722 8628  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:16:54.0831 8628  WerSvc - ok
15:16:54.0875 8628  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:16:54.0971 8628  WfpLwf - ok
15:16:55.0000 8628  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:16:55.0036 8628  WIMMount - ok
15:16:55.0051 8628  WinDefend - ok
15:16:55.0075 8628  WinHttpAutoProxySvc - ok
15:16:55.0125 8628  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:16:55.0254 8628  Winmgmt - ok
15:16:55.0342 8628  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
15:16:55.0519 8628  WinRM - ok
15:16:55.0586 8628  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:16:55.0634 8628  WinUsb - ok
15:16:55.0689 8628  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:16:55.0784 8628  Wlansvc - ok
15:16:55.0903 8628  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:16:56.0045 8628  wlidsvc - ok
15:16:56.0074 8628  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:16:56.0118 8628  WmiAcpi - ok
15:16:56.0155 8628  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:16:56.0222 8628  wmiApSrv - ok
15:16:56.0255 8628  WMPNetworkSvc - ok
15:16:56.0285 8628  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:16:56.0337 8628  WPCSvc - ok
15:16:56.0351 8628  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:16:56.0423 8628  WPDBusEnum - ok
15:16:56.0438 8628  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
15:16:56.0517 8628  wscsvc - ok
15:16:56.0523 8628  WSearch - ok
15:16:56.0635 8628  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:16:56.0802 8628  wuauserv - ok
15:16:56.0830 8628  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:16:56.0894 8628  WudfPf - ok
15:16:56.0927 8628  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:16:56.0987 8628  WUDFRd - ok
15:16:57.0021 8628  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:16:57.0083 8628  wudfsvc - ok
15:16:57.0118 8628  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:16:57.0204 8628  WwanSvc - ok
15:16:57.0254 8628  ================ Scan global ===============================
15:16:57.0279 8628  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:16:57.0324 8628  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:16:57.0339 8628  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:16:57.0377 8628  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:16:57.0411 8628  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:16:57.0420 8628  [Global] - ok
15:16:57.0421 8628  ================ Scan MBR ==================================
15:16:57.0435 8628  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:16:58.0329 8628  \Device\Harddisk0\DR0 - ok
15:16:58.0335 8628  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
15:16:58.0495 8628  \Device\Harddisk1\DR1 - ok
15:16:58.0497 8628  ================ Scan VBR ==================================
15:16:58.0528 8628  [ C41D70D3054607C2F0C3E9E3E076F3A3 ] \Device\Harddisk0\DR0\Partition1
15:16:58.0531 8628  \Device\Harddisk0\DR0\Partition1 - ok
15:16:58.0544 8628  [ 84D1982ADACA25232B77B37EAE63D6DB ] \Device\Harddisk0\DR0\Partition2
15:16:58.0547 8628  \Device\Harddisk0\DR0\Partition2 - ok
15:16:58.0555 8628  [ 5D5514715898B49C67AEB90DE886E527 ] \Device\Harddisk1\DR1\Partition1
15:16:58.0557 8628  \Device\Harddisk1\DR1\Partition1 - ok
15:16:58.0558 8628  ============================================================
15:16:58.0558 8628  Scan finished
15:16:58.0558 8628  ============================================================
15:16:58.0578 5160  Detected object count: 6
15:16:58.0578 5160  Actual detected object count: 6
15:17:21.0185 5160  Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:21.0185 5160  Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:21.0185 5160  AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:21.0186 5160  AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:21.0186 5160  DCDhcpService ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:21.0187 5160  DCDhcpService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:21.0188 5160  IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:21.0188 5160  IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:21.0191 5160  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:21.0191 5160  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:17:21.0192 5160  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:17:21.0192 5160  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 12.06.2013, 14:33   #9
markusg
/// Malware-holic
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



Hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 15:03   #10
tam
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



hab Combofix gestartet, aber mein Laptop geht immer ziemlich schnell in den "Ruhemodus", sprich schwarzer Bildschirm, wenn ich den Cursor nicht bewege. ich nehme an, dass Combofix sich jetzt aufgehängt hat. Er steht bei Stufe 4 und es geht nicht weiter...

Alt 12.06.2013, 15:10   #11
markusg
/// Malware-holic
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



lass es noch mal 20 min laufen, wenn das nnichts passiert starte es noch mal
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 15:30   #12
tam
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



das Resultat
Code:
ATTFilter
ComboFix 13-06-08.02 - Sabine 12.06.2013  16:16:37.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4078.2130 [GMT 2:00]
ausgeführt von:: c:\users\Sabine\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\xp-AntiSpy
c:\program files (x86)\xp-AntiSpy\Uninstall.exe
c:\program files (x86)\xp-AntiSpy\xp-AntiSpy.chm
c:\program files (x86)\xp-AntiSpy\xp-AntiSpy.exe
c:\program files (x86)\xp-AntiSpy\xp-AntiSpy.url
c:\users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\extensions\pricepeep@getpricepeep.com.xpi
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-12 bis 2013-06-12  ))))))))))))))))))))))))))))))
.
.
2013-06-12 14:23 . 2013-06-12 14:23	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-12 12:26 . 2013-06-12 12:26	83160	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-06-12 06:30 . 2013-06-12 06:30	--------	d-----w-	c:\users\Sabine\AppData\Roaming\Avira
2013-06-12 06:24 . 2013-03-06 14:13	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-06-12 06:24 . 2013-02-26 14:56	130016	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-06-12 06:24 . 2013-02-26 14:56	100712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-06-12 06:23 . 2013-06-12 06:23	--------	d-----w-	c:\programdata\Avira
2013-06-12 06:23 . 2013-06-12 06:23	--------	d-----w-	c:\program files (x86)\Avira
2013-06-11 20:50 . 2013-06-11 20:50	--------	d-----w-	c:\users\Sabine\AppData\Roaming\PerformerSoft
2013-06-11 20:50 . 2012-12-19 13:53	19632	----a-w-	c:\windows\system32\roboot64.exe
2013-06-11 20:50 . 2013-06-11 20:50	--------	d-----w-	c:\program files (x86)\PC Performer
2013-06-11 20:50 . 2013-06-11 20:50	--------	d-----w-	c:\programdata\Arovax
2013-06-11 20:50 . 2013-06-11 20:50	--------	d-----w-	c:\program files (x86)\Arovax AntiSpyware
2013-06-11 20:37 . 2013-06-11 20:37	--------	d-----w-	c:\users\Sabine\AppData\Roaming\Malwarebytes
2013-06-11 20:37 . 2013-06-11 20:37	--------	d-----w-	c:\programdata\Malwarebytes
2013-06-11 20:36 . 2013-06-11 20:37	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-11 20:36 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-06-11 18:12 . 2013-06-12 13:48	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B442372B-7140-4F24-8D70-8D88C6FB91C4}\offreg.dll
2013-06-11 17:48 . 2013-06-11 19:54	--------	d-----w-	c:\programdata\SecTaskMan
2013-06-11 17:48 . 2013-06-11 17:48	--------	d-----w-	c:\program files (x86)\Security Task Manager
2013-06-11 15:13 . 2013-06-11 15:13	--------	d-----w-	c:\users\Sabine\AppData\Local\Programs
2013-06-11 10:06 . 2013-05-13 06:37	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B442372B-7140-4F24-8D70-8D88C6FB91C4}\mpengine.dll
2013-06-08 19:09 . 2013-06-08 19:09	--------	d-s---w-	c:\windows\SysWow64\Microsoft
2013-05-16 09:07 . 2013-04-05 06:50	19231232	----a-w-	c:\windows\system32\mshtml.dll
2013-05-16 09:07 . 2013-04-05 06:50	15404032	----a-w-	c:\windows\system32\ieframe.dll
2013-05-16 06:45 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-05-16 06:45 . 2013-04-10 06:01	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 06:45 . 2011-02-03 11:25	144384	----a-w-	c:\windows\system32\cdd.dll
2013-05-16 06:45 . 2013-02-27 05:52	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-05-16 06:45 . 2013-02-27 05:48	1930752	----a-w-	c:\windows\system32\authui.dll
2013-05-16 06:45 . 2013-02-27 06:02	111448	----a-w-	c:\windows\system32\consent.exe
2013-05-16 06:45 . 2013-02-27 05:52	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-05-16 06:45 . 2013-02-27 05:47	70144	----a-w-	c:\windows\system32\appinfo.dll
2013-05-16 06:45 . 2013-02-27 04:49	1796096	----a-w-	c:\windows\SysWow64\authui.dll
2013-05-16 06:44 . 2013-04-10 03:30	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-05-16 06:44 . 2013-03-19 05:53	48640	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-05-16 06:44 . 2013-03-19 05:53	230400	----a-w-	c:\windows\system32\wwansvc.dll
2013-05-15 12:13 . 2013-05-15 12:13	--------	d-----w-	c:\users\Sabine\AppData\Roaming\IsolatedStorage
2013-05-15 12:13 . 2013-05-15 12:13	--------	d-----w-	c:\programdata\IsolatedStorage
2013-05-15 12:12 . 2013-05-15 12:12	--------	d-----w-	c:\users\Sabine\AppData\Local\_
2013-05-13 14:46 . 2013-05-20 18:31	--------	d-----w-	c:\users\Sabine\My Downloads
2013-05-13 14:45 . 2013-05-13 15:36	--------	d-----w-	c:\users\Sabine\AppData\Roaming\FreeTorrentViewer
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-11 20:19 . 2012-05-02 11:28	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 20:19 . 2012-01-18 11:34	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-17 08:03 . 2012-07-17 12:37	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-16 09:13 . 2012-01-18 16:58	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-09 08:58 . 2012-02-05 15:39	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-22 07:10 . 2013-04-22 07:10	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-22 07:10 . 2013-04-22 07:10	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-04-22 07:10 . 2013-04-22 07:10	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-04-22 07:10 . 2013-04-22 07:10	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-04-22 07:10 . 2013-04-22 07:10	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-04-22 07:10 . 2013-04-22 07:10	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-04-22 07:10 . 2013-04-22 07:10	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-04-22 07:10 . 2013-04-22 07:10	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-04-22 07:10 . 2013-04-22 07:10	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-04-22 07:10 . 2013-04-22 07:10	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-04-22 07:10 . 2013-04-22 07:10	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-04-22 07:10 . 2013-04-22 07:10	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-04-22 07:10 . 2013-04-22 07:10	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-04-22 07:10 . 2013-04-22 07:10	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-04-22 07:10 . 2013-04-22 07:10	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-04-22 07:10 . 2013-04-22 07:10	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-04-22 07:10 . 2013-04-22 07:10	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-04-22 07:10 . 2013-04-22 07:10	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-22 07:10 . 2013-04-22 07:10	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-04-22 07:10 . 2013-04-22 07:10	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-04-22 07:10 . 2013-04-22 07:10	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-04-22 07:10 . 2013-04-22 07:10	81408	----a-w-	c:\windows\system32\icardie.dll
2013-04-22 07:10 . 2013-04-22 07:10	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-04-22 07:10 . 2013-04-22 07:10	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-04-22 07:10 . 2013-04-22 07:10	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-04-22 07:10 . 2013-04-22 07:10	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-04-22 07:10 . 2013-04-22 07:10	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-04-22 07:10 . 2013-04-22 07:10	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-04-22 07:10 . 2013-04-22 07:10	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-04-22 07:10 . 2013-04-22 07:10	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-04-22 07:10 . 2013-04-22 07:10	441856	----a-w-	c:\windows\system32\html.iec
2013-04-22 07:10 . 2013-04-22 07:10	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-04-22 07:10 . 2013-04-22 07:10	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-04-22 07:10 . 2013-04-22 07:10	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-04-22 07:10 . 2013-04-22 07:10	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-04-22 07:10 . 2013-04-22 07:10	235008	----a-w-	c:\windows\system32\url.dll
2013-04-22 07:10 . 2013-04-22 07:10	216064	----a-w-	c:\windows\system32\msls31.dll
2013-04-22 07:10 . 2013-04-22 07:10	197120	----a-w-	c:\windows\system32\msrating.dll
2013-04-22 07:10 . 2013-04-22 07:10	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-04-22 07:10 . 2013-04-22 07:10	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-04-22 07:10 . 2013-04-22 07:10	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-04-22 07:10 . 2013-04-22 07:10	149504	----a-w-	c:\windows\system32\occache.dll
2013-04-22 07:10 . 2013-04-22 07:10	144896	----a-w-	c:\windows\system32\wextract.exe
2013-04-22 07:10 . 2013-04-22 07:10	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-04-22 07:10 . 2013-04-22 07:10	13824	----a-w-	c:\windows\system32\mshta.exe
2013-04-22 07:10 . 2013-04-22 07:10	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-04-22 07:10 . 2013-04-22 07:10	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-04-22 07:10 . 2013-04-22 07:10	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-04-22 07:10 . 2013-04-22 07:10	102912	----a-w-	c:\windows\system32\inseng.dll
2013-04-13 05:49 . 2013-05-16 06:45	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 06:45	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 06:45	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 06:45	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 06:45	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 06:45	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 06:56	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-04 03:35 . 2013-04-18 12:15	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-19 06:04 . 2013-04-10 15:21	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 15:21	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 15:21	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 15:21	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 15:21	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 15:21	112640	----a-w-	c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-08 12:30	220632	----a-w-	c:\users\Sabine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-08 12:30	220632	----a-w-	c:\users\Sabine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-08 12:30	220632	----a-w-	c:\users\Sabine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	130736	----a-w-	c:\users\Sabine\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	130736	----a-w-	c:\users\Sabine\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	130736	----a-w-	c:\users\Sabine\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner64.exe" [2012-08-22 5352288]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-12-21 1090040]
"Arovax AntiSpyware"="c:\program files (x86)\Arovax AntiSpyware\arovaxantispyware.exe" [2007-09-21 1966080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-08-17 522232]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-04-04 345312]
.
c:\users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Sabine\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-5-25 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Sony MSS.lnk - c:\program files (x86)\Sony\MSS\3.0.271\SSScheduler.exe [2012-3-13 274328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.0.271\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 23209725
*Deregistered* - 23209725
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 15:13	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-02 20:19]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04 16:58]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04 16:58]
.
2013-06-12 c:\windows\Tasks\PC Performer_DEFAULT.job
- c:\program files (x86)\PC Performer\PCPerformer.exe [2013-06-11 13:53]
.
2013-06-12 c:\windows\Tasks\PC Performer_UPDATES.job
- c:\program files (x86)\PC Performer\PCPerformer.exe [2013-06-11 13:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-08 12:30	244696	----a-w-	c:\users\Sabine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-08 12:30	244696	----a-w-	c:\users\Sabine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-08 12:30	244696	----a-w-	c:\users\Sabine\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	164016	----a-w-	c:\users\Sabine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	164016	----a-w-	c:\users\Sabine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	164016	----a-w-	c:\users\Sabine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12	164016	----a-w-	c:\users\Sabine\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - vpnweb.cab
FF - ProfilePath - c:\users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?barid={396DB6CB-268F-11E2-8828-78843CF86237}&src=2&crg=3.1010000.10025&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-06-09 09:56; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-06-11 16:49; {EEE6C361-6118-11DC-9C72-001320C79847}; c:\users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
FF - ExtSQL: 2013-06-11 16:49; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\mcv1w1a9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
pref('extensions.shownSelectionUI',true);
FF - user.js: extensions.autoDisableScopes - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-DIMUpdate wird heruntergeladen...1338924290338 - c:\program files (x86)\Corel\CorelDRAW Graphics Suite X6\PHOTO-PAINT\DIM.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-xp-AntiSpy - c:\program files (x86)\xp-AntiSpy\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1617116259-3097247958-731268824-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1617116259-3097247958-731268824-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-12  16:27:28
ComboFix-quarantined-files.txt  2013-06-12 14:27
.
Vor Suchlauf: 16 Verzeichnis(se), 505.992.736.768 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 505.806.725.120 Bytes frei
.
- - End Of File - - FFC52A4E3EC3D32BB783B6D198104BAF
D41D8CD98F00B204E9800998ECF8427E
         

Alt 12.06.2013, 18:03   #13
markusg
/// Malware-holic
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



hi,

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 21:12   #14
tam
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



hi, hier die Liste
Code:
ATTFilter
Adobe AIR	Adobe Systems Incorporated	23.04.2013		3.7.0.1530			Unnötig
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	11.06.2013	6,00MB	11.7.700.224	Unnötig
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	15.05.2013	6,00MB	11.7.700.202	Notwendig
Adobe Reader XI (11.0.03) - Deutsch	Adobe Systems Incorporated	30.05.2013	133MB	11.0.03	Notwendig
Adobe Shockwave Player 12.0	Adobe Systems, Inc.	25.02.2013		12.0.0.112		Notwendig
Alps Pointing-device for VAIO	ALPS ELECTRIC CO., LTD.	06.09.2011					Notwendig		
ArcSoft Magic-i Visual Effects 2	ArcSoft	24.12.2011	69,5MB	2.0.1.142			Unnötig
ArcSoft WebCam Companion 4	ArcSoft	24.12.2011	81,3MB	4.0.21.392				Unbekannt
Arovax AntiSpyware 2.1.153	Arovax Software	11.06.2013		2.1.153				Notwendig
Atheros WiFi Driver Installation	Atheros	18.01.2012		3.0				Notwendig
Avira Free Antivirus	Avira	12.06.2013	130MB	13.0.0.3640					Notwendig
Bluetooth Win7 Suite (64)	Atheros Communications	06.09.2011	74,5MB	7.3.0.100		Notwendig
CCleaner	Piriform	22.08.2012		3.22						Notwendig
Cisco AnyConnect Secure Mobility Client	Cisco Systems, Inc.	26.01.2013		3.0.10055       Nowendig
Conexant HD Audio	Conexant	06.09.2011		8.54.0.53				Notwendig
Corel WinDVD	Corel Inc.	06.09.2011	256MB	10.0.5.800					Unnötig
DivX-Setup	DivX, LLC	27.06.2012		2.6.1.9						Unnötig
Dropbox	Dropbox, Inc.	01.06.2013		2.0.22							Notwendig
Google Chrome	Google Inc.	04.11.2012		27.0.1453.110					Notwendig
Google Drive	Google, Inc.	06.05.2013	32,0MB	1.9.4536.8202					Notwendig
Intel(R) Control Center	Intel Corporation	06.09.2011		1.2.1.1007			Notwendig
Intel(R) Management Engine Components	Intel Corporation	06.09.2011		7.0.0.1144	Notwendig
Intel(R) Rapid Storage Technology	Intel Corporation	06.09.2011		10.0.0.1046	Notwendig
Java 7 Update 21	Oracle	07.03.2013	129MB	7.0.210						Notwendig
Java(TM) 6 Update 22	Oracle	06.09.2011	97,0MB	6.0.220						Notwendig
Java(TM) 6 Update 22 (64-bit)	Oracle	06.09.2011	90,6MB	6.0.220					Notwendig
JavaFX 2.1.1	Oracle Corporation	25.06.2012	20,8MB	2.1.1					Notwendig
Malwarebytes Anti-Malware Version 1.75.0.1300	Malwarebytes Corporation	11.06.2013	19,2MB	1.75.0.1300 notwendig
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	11.02.2011	38,8MB	4.0.30319  ?unnötig
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	06.09.2011	2,93MB	4.0.30319 ?unnötig
Microsoft .NET Framework 4 Extended	Microsoft Corporation	11.02.2011	51,9MB	4.0.30319       ? unnötig
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	06.09.2011	10,6MB	4.0.30319  ?unnötig
Microsoft Office 2010	Microsoft Corporation	06.09.2011	6,31MB	14.0.4763.1000			Unnötig
Microsoft Office File Validation Add-In	Microsoft Corporation	06.02.2012	7,95MB	14.0.5130.5003	Unnötig
Microsoft Office Home and Student 2007	Microsoft Corporation	03.03.2012		12.0.6612.1000	Notwendig
Microsoft Office Live Add-in 1.5	Microsoft Corporation	20.06.2012	508KB	2.0.4024.1	Unbekannt
Microsoft Silverlight	Microsoft Corporation	13.03.2013	100MB	5.1.20125.0			? Notwendig
Microsoft SkyDrive	Microsoft Corporation	08.11.2012	25,1MB	16.4.6013.0910			Notwendig
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	06.09.2011	1,69MB	3.1.0000 Unbekannt
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	26.01.2012	298KB	8.0.61001 Unbekannt
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	18.01.2012	788KB	9.0.30729 Unbekannt
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	26.01.2012	788KB	9.0.30729.6161 Unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	18.01.2012	596KB	9.0.30729 Unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	05.02.2012	224KB	9.0.30729.4148  Unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	26.01.2012	600KB	9.0.30729.6161 Unbekannt
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	11.06.2013	1,28MB	10.0.40219  Unbekannt
Microsoft Visual Studio Tools for Applications 2.0 - ENU	Microsoft Corporation	20.12.2012	211MB	9.0.30729  Unbekannt
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU	Microsoft Corporation	18.12.2012	96,0MB	9.0.30729  Unbekannt
Microsoft Visual Studio Tools for Applications 2.0 Runtime	Microsoft Corporation	18.12.2012	158KB	9.0.30729  Unbekannt
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU	Microsoft Corporation	18.12.2012	226KB	9.0.30729  Unbekannt
Mozilla Firefox 17.0.1 (x86 de)	Mozilla	01.12.2012	80,6MB	17.0.1  Notwendig
Mozilla Maintenance Service	Mozilla	01.12.2012	216KB	17.0.1  Notwendig
MSXML 4.0 SP3 Parser	Microsoft Corporation	06.09.2011	1,47MB	4.30.2100.0                         Unbekannt
MSXML 4.0 SP3 Parser (KB2721691)	Microsoft Corporation	12.07.2012	1,53MB	4.30.2114.0         Unbekannt
MSXML 4.0 SP3 Parser (KB2758694)	Microsoft Corporation	09.01.2013	1,54MB	4.30.2117.0	    Unbekannt	
MSXML 4.0 SP3 Parser (KB973685)	Microsoft Corporation	18.01.2012	1,53MB	4.30.2107.0  		    Unbekannt
Nokia Connectivity Cable Driver	Nokia	03.02.2013	3,96MB	7.1.101.0				Notwendig
Nokia Suite	Nokia	04.02.2013		3.7.22.0						Notwendig
Notepad++		29.01.2013		6.2.3							Notwendig
NVIDIA 3D Vision Treiber 268.31	NVIDIA Corporation	18.01.2012		268.31			Notwendig
NVIDIA Grafiktreiber 268.31	NVIDIA Corporation	18.01.2012		268.31			Notwendig
NVIDIA HD-Audiotreiber 1.3.18.0	NVIDIA Corporation	22.04.2013		1.3.18.0		Notwendig
NVIDIA PhysX-Systemsoftware 9.10.0514	NVIDIA Corporation	18.01.2012		9.10.0514	Notwendig
PC Connectivity Solution	Nokia	03.02.2013	21,2MB	12.0.76.0				Notwendig
PC Performer	PerformerSoft LLC	11.06.2013	11,8MB	11.10					? Notwendig
PMB	Sony Corporation	06.09.2011	282MB	5.5.02.12220					Unbekannt
Ravensburger tiptoi		01.12.2012								Notwendig
Realtek PCIE Card Reader	Realtek Semiconductor Corp.	06.09.2011		6.1.7600.77	Notwendig
Security Task Manager 1.8g	Neuber Software	11.06.2013		1.8g				Unnötig
Skype™ 6.1	Skype Technologies S.A.	09.03.2013	21,1MB	6.1.129					Notwendig
VAIO - Media Gallery	Sony Corporation	06.09.2011		1.5.0.16020			Unnötig
VAIO - PMB VAIO Edition Guide	Sony Corporation	06.09.2011	72,3MB	1.6.00.06030		? Unnötig
VAIO - PMB VAIO Edition Plug-in	Sony Corporation	06.09.2011	193MB	1.6.00.06140		? Unnötig
VAIO - Remote Play mit PlayStation®3	Sony Corporation	06.09.2011		1.1.0.15070	Unnötig
VAIO - Remote-Tastatur	Sony Corporation	06.09.2011		1.0.1.03020			Unbekannt
VAIO Care	Sony Corporation	10.02.2013	139MB	8.1.0.10120				?
VAIO Control Center	Sony Corporation	06.09.2011		4.5.0.03040			?	
VAIO Data Restore Tool	Sony Corporation	06.09.2011		1.6.0.13140			?
VAIO Easy Connect	Sony Corporation	14.03.2012	14,6MB	1.1.2.01120			?
VAIO Event Service	Sony Corporation	06.09.2011		5.5.0.03040			?
VAIO Gate	Sony Corporation	17.09.2012		2.4.2.02200				?
VAIO Gate Default	Sony Corporation	06.09.2011		2.4.0.03240			?
VAIO Hero Screensaver - Summer 2011 Screensaver		24.12.2011					?
VAIO Improvement	Sony Corporation	06.09.2011		1.0.0.14150			?
VAIO Improvement Validation	Sony Corporation	06.09.2011	496KB	1.0.4.01190		?
VAIO Quick Web Access	Sony Corporation	06.09.2011	334MB	1.4.5.3				?
VAIO Sample Contents	Sony Corporation	06.09.2011		1.4.2.09010			?
VAIO Smart Network	Sony Corporation	18.01.2012		3.8.0.08120			?
VAIO Update	Sony Corporation	07.02.2013		6.1.1.10250				?
VAIO-Handbuch	Sony Corporation	06.09.2011		2.0.0.02250				?
VAIO-Support für Übertragungen	Sony Corporation	06.09.2011		1.4.0.14230		?
Windows Live Essentials	Microsoft Corporation	06.09.2011		16.4.3505.0912			Notwendig
Windows Media Player Firefox Plugin	Microsoft Corp	19.01.2012	296KB	1.0.0.8			Notwendig
Windows Mobile-Gerätecenter	Microsoft Corporation	31.01.2012	27,4MB	6.1.6965.0		Unbekannt
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)	Nokia	04.02.2013		05/31/2012 7.1.2.0  ?Notwendig
WinRAR 4.20 (32-Bit)	win.rar GmbH	23.07.2012		4.20.0					Notwendig
WinZip 16.5	WinZip Computing, S.L. 	26.05.2012	70,5MB	16.5.10095				Notwendig
xp-AntiSpy 3.98-2	Christian Taubenheim	11.06.2013						Notwendig
Zotero Standalone 4.0.8 (x86 en-US)	Zotero	07.05.2013	55,4MB	4.0.8					Notwendig
         

Alt 12.06.2013, 21:19   #15
markusg
/// Malware-holic
 
Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Standard

Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?



deinstaliere:
Adobe AIR
deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:

ArcSoft : alle
Arovax kann man drauf verzichten
orel
DivX
Java(TM) 6
PC Performer weg mit dem misst, erstens bringen solche "optimierungstools" nichts,
2. wird der hier noch als adware angeprangert
Security Task
Öffne CCleaner, analysieren, starten, pc neustarten
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?
anderen, ccleaner, deinstallieren, eingefangen, exp/2012-1723.es, exp/4681.ag, exp/dldr.java.o, fehlermeldung, java/agent.mt, java/agent.ns, java/agent.nt, java/agent.nu, java/agent.nv, java/agent.nw, java/agent.nx, java/dldr.lamar.ky, keine verbindung, malwarebytes, nicht mehr, pup.installbrain, verbindung, webseiten



Ähnliche Themen: Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?


  1. Windows 8 (.1 ?) - Erst Werbung, dann Programme mit angeblich gefundene Probleme - Mittlerweile geht nichts mehr!
    Log-Analyse und Auswertung - 09.05.2015 (7)
  2. Windows 7 - Zuerst immer neue Tabs mit "BKA Trojaner", dann immer S*xseiten in Browser Adressleiste
    Log-Analyse und Auswertung - 03.01.2015 (13)
  3. Zuerst QVO6 eingefangen, danach Buildt 7601-Meldung
    Log-Analyse und Auswertung - 21.08.2013 (17)
  4. Bluescreen beim Anmelden, dann Neustart, dann ist Avast deaktiviert
    Log-Analyse und Auswertung - 09.08.2013 (7)
  5. Zuerst avast Warnung wegen win32:evo-gen susp, dann hat Malwarebytes 2 infizierte Dateien gefunden
    Plagegeister aller Art und deren Bekämpfung - 06.08.2013 (9)
  6. Zuerst Malware per Avira gefunden und dann PUP.Blabbers - was tun?
    Plagegeister aller Art und deren Bekämpfung - 09.04.2013 (32)
  7. Zuerst Avira Trojaner-Meldung, dann PUP.Blabbers - was tun?
    Plagegeister aller Art und deren Bekämpfung - 05.04.2013 (1)
  8. Zuerst Polizei/Österreich Trojaner dann SpyHunter4
    Plagegeister aller Art und deren Bekämpfung - 12.02.2013 (13)
  9. Avast bösartige Webseite geblockt! URL:Mal
    Plagegeister aller Art und deren Bekämpfung - 02.11.2012 (2)
  10. Suisa Virus eingefangen, avast lässt sich nicht mehr starten, alles versucht ausser euer Vorgehen
    Plagegeister aller Art und deren Bekämpfung - 02.09.2012 (3)
  11. Zuerst Live Security Platinum, dann TR/ATRAPS.GEN2
    Log-Analyse und Auswertung - 18.08.2012 (25)
  12. Mit Hijack gefixed, und dann traten mehr Probleme auf
    Log-Analyse und Auswertung - 29.01.2012 (1)
  13. Zuerst unzählige Trojaner-Warnungen dann Festplatte nicht erkannt, dann schwarzer bildschirm
    Log-Analyse und Auswertung - 13.05.2011 (9)
  14. Zunächst Vista Antispyware auf dem Rechner, dann nach Neustart keine Programme mehr zu öffnen
    Plagegeister aller Art und deren Bekämpfung - 25.04.2011 (27)
  15. dhm.scr geladen, dann ausgeführt ("Testen"), Norton SONAR stoppt und löscht, was nun?
    Mülltonne - 24.05.2010 (2)
  16. Zuerst Virenmeldung ... danach nur mehr schwarzer Bildschirm!
    Plagegeister aller Art und deren Bekämpfung - 05.02.2010 (1)
  17. erst Probleme mit Wlan, dann Firefox, jetzt kann ich keinen VIrencaner mehr... hmmmm
    Mülltonne - 19.09.2007 (1)

Zum Thema Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? - Hallo, seit gestern nachmittag habe ich Probleme mit meinem Laptop. Zuvor funktionierte alles ganz normal, nach dem ich ihn auf der Arbeit heruntergefahren habe und zu Hause wieder angeschaltet hab, - Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen?...
Archiv
Du betrachtest: Zuerst keine Webseite mehr geladen, dann Probleme mit Avast - hab ich mir was eingefangen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.