Trojaner-Board

dan4550 05.05.2015 02:33

Windows 8: Disk 0 (C:) constantly at 100% utilization and laptop very slow.

Dear forum members,
ever since someone used my laptop for you**rn and switched off "adblock" while doing so, my laptop has been very slow. For example, it suddenly takes forever to open the Task Manager or various websites.
And when I click on "Performance" in the Task Manager, I see that the disk utilization is constantly at 100% and that a write operation to the hard disk is in progress.

Malwarebytes detected 2 threats during the scan.
Right now, at this moment, the disk utilization in the Task Manager is suddenly very low again.

I have created all the log files.

I would be very grateful for help.
Regards, Daniel

Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 05.05.2015
Suchlauf-Zeit: 12:13:32 AM
Logdatei: hjhj.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.05.04.06
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: dd

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 426046
Verstrichene Zeit: 26 Min, 47 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 1
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1182488276-301210562-3317401335-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, In Quarantäne, [d3d3bad5d6b4c17582d5065cba4be11f],

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 1
PUP.Optional.EZDownloader.A, C:\Users\dd\AppData\Local\Temp\9A60\temp\BIT3470.tmp, In Quarantäne, [5c4a8a05d9b1c37307d8170aa55b0df3],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 02:44 on 05/05/2015 (dd)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by dd (administrator) on DOROTHEA on 05-05-2015 02:48:08
Running from C:\Users\dd\Desktop
Loaded Profiles: dd (Available profiles: Dorothea Röger & dd & Administrator)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Atheros Communications)
HKU\S-1-5-21-1182488276-301210562-3317401335-1004\...\Run: [Facebook Update] => C:\Users\dd\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-12-20] (Facebook Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk [2013-05-09]
ShortcutTarget: McAfee Parental Controls.lnk -> C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-04-18]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-04-10]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audials One 12.lnk [2015-04-08]
ShortcutTarget: Audials One 12.lnk -> C:\ProgramData\{18cb70ed-fbb3-231a-18cb-b70edfbbc3b7}\Audials One 12.exe (No File)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1182488276-301210562-3317401335-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-1182488276-301210562-3317401335-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-04-25] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\tg2jj20g.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-18] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-05-09] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-05-09] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-07] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1182488276-301210562-3317401335-1004: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\dd\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Extension: Adblock Plus - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\tg2jj20g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-10]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-05-09]
FF HKU\S-1-5-21-1182488276-301210562-3317401335-1004\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-05-02]
CHR Extension: (Google Slides) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-07]
CHR Extension: (Google Docs) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-07]
CHR Extension: (Google Drive) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-07]
CHR Extension: (YouTube) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-07]
CHR Extension: (Adblock Plus) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-07]
CHR Extension: (Google Search) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-07]
CHR Extension: (Grooveshark Germany unlocker) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejcnhmeicafddjdaeecddemnhnomiaai [2015-04-07]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2015-04-18]
CHR Extension: (Google Sheets) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-07]
CHR Extension: (Hola Better Internet) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-04-25]
CHR Extension: (Bookmark Manager) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (New Tab Redirect) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-04-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-17]
CHR Extension: (Google Wallet) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-07]
CHR Extension: (Gmail) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [File not signed]
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 02:48 - 2015-05-05 02:48 - 00024172 _____ () C:\Users\dd\Desktop\FRST.txt
2015-05-05 02:47 - 2015-05-05 02:48 - 00000000 ____D () C:\FRST
2015-05-05 02:46 - 2015-05-05 02:46 - 02101248 _____ (Farbar) C:\Users\dd\Desktop\FRST64.exe
2015-05-05 02:43 - 2015-05-05 02:44 - 00000466 _____ () C:\Users\dd\Desktop\defogger_disable.log
2015-05-05 02:43 - 2015-05-05 02:43 - 00000000 _____ () C:\Users\dd\defogger_reenable
2015-05-05 02:41 - 2015-05-05 02:41 - 00050477 _____ () C:\Users\dd\Desktop\Defogger.exe
2015-05-05 00:54 - 2015-05-05 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-05-05 00:47 - 2015-05-05 00:47 - 00001456 _____ () C:\Users\dd\Desktop\hjhj.txt
2015-05-02 14:46 - 2015-05-02 14:46 - 00037000 _____ () C:\Users\dd\Desktop\stop-looking-at-my-ass-pervert_o_243487.webp
2015-04-30 06:00 - 2015-04-30 06:00 - 00002401 _____ () C:\Users\dd\Desktop\Market Leader Upper-Intermediate 3rd Edition.lnk
2015-04-30 06:00 - 2015-04-30 06:00 - 00000000 __SHD () C:\Windows\ftpcache
2015-04-30 06:00 - 2015-04-30 06:00 - 00000000 ___HD () C:\Program Files (x86)\InstallJammer Registry
2015-04-30 05:58 - 2015-04-30 05:58 - 00000000 ____D () C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pearson
2015-04-30 05:47 - 2015-04-30 05:47 - 00000000 ____D () C:\Program Files (x86)\Pearson
2015-04-27 20:30 - 2015-04-27 20:30 - 00000252 _____ () C:\Users\dd\Downloads\150424_kraftklub_kw18.mp3.pls
2015-04-24 20:20 - 2015-04-24 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-04-24 20:20 - 2015-04-24 20:20 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-04-24 17:09 - 2015-04-24 17:09 - 00264705 _____ () C:\Users\dd\Desktop\photo (2).htm
2015-04-24 17:08 - 2015-04-24 17:08 - 00299318 _____ () C:\Users\dd\Desktop\photo (1).htm
2015-04-24 17:07 - 2015-04-24 17:07 - 00290525 _____ () C:\Users\dd\Desktop\photo.htm
2015-04-23 20:19 - 2015-04-23 20:19 - 00000000 ____D () C:\Program Files\Sony Corporation
2015-04-23 20:15 - 2015-04-23 20:15 - 00003124 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2015-04-23 20:15 - 2015-04-23 20:15 - 00000000 ____D () C:\Users\dd\AppData\Roaming\iolo
2015-04-23 20:15 - 2015-04-23 20:11 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2015-04-23 20:14 - 2015-04-23 20:14 - 00002044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2015-04-23 20:14 - 2015-04-23 20:14 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2015-04-23 19:54 - 2015-04-23 19:54 - 00000982 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2015-04-21 20:05 - 2015-04-21 20:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-18 13:07 - 2015-04-18 13:07 - 00000000 ____D () C:\Users\dd\AppData\Local\Macromedia
2015-04-18 13:05 - 2015-05-05 01:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-18 13:05 - 2015-04-24 20:20 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-04-18 13:05 - 2015-04-18 13:05 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-16 18:51 - 2015-03-23 07:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-16 18:51 - 2015-03-23 07:17 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-16 18:51 - 2015-03-23 07:17 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-16 18:51 - 2015-03-23 07:17 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-16 18:51 - 2015-03-23 07:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-16 18:51 - 2015-03-23 07:17 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-16 18:51 - 2015-03-23 00:04 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-16 18:51 - 2015-03-14 10:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-16 18:51 - 2015-03-14 08:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-16 17:03 - 2015-02-24 09:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-16 17:02 - 2015-03-17 09:00 - 06971712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 17:02 - 2015-03-17 08:52 - 01822696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 17:02 - 2015-03-17 06:45 - 01409496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-16 17:02 - 2015-03-10 07:28 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-16 17:02 - 2015-03-10 07:28 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-16 17:02 - 2015-03-10 07:28 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-16 17:02 - 2015-03-10 07:27 - 19292672 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-16 17:02 - 2015-03-10 07:27 - 15409152 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-16 17:02 - 2015-03-10 07:27 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-16 17:02 - 2015-03-10 07:27 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-16 17:02 - 2015-03-10 07:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-16 17:02 - 2015-03-10 07:27 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-16 17:02 - 2015-03-10 05:49 - 14373376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-16 17:02 - 2015-03-10 05:49 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-16 17:02 - 2015-03-10 05:49 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-16 17:02 - 2015-03-10 05:49 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-16 17:02 - 2015-03-10 05:49 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-16 17:02 - 2015-03-10 05:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-16 17:02 - 2015-03-10 05:49 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-16 17:02 - 2015-03-10 05:49 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-16 17:02 - 2015-03-10 05:48 - 13767680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-16 17:02 - 2015-03-04 09:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-16 17:02 - 2015-03-04 08:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 17:02 - 2015-03-04 06:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-16 12:02 - 2015-04-16 12:04 - 00000000 ____D () C:\Users\dd\Desktop\Buchführung
2015-04-14 11:14 - 2015-04-14 11:14 - 00410945 _____ () C:\Users\dd\Downloads\Tut_UMV_SS10.zip
2015-04-13 08:29 - 2015-04-13 08:29 - 00046759 _____ () C:\Users\dd\Downloads\data.xml
2015-04-13 08:29 - 2015-04-13 08:29 - 00015492 _____ () C:\Users\dd\Downloads\form
2015-04-10 09:12 - 2015-04-10 09:12 - 00561677 _____ () C:\Users\dd\Desktop\bookmark.htm
2015-04-10 09:01 - 2015-04-10 09:01 - 00000403 _____ () C:\Windows\ODBC.INI
2015-04-10 09:01 - 2015-04-10 09:01 - 00000035 _____ () C:\Windows\vbaddin.ini
2015-04-10 09:01 - 2015-04-10 09:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verwaltung
2015-04-10 09:00 - 2015-04-10 09:00 - 00002715 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2015-04-10 09:00 - 2015-04-10 09:00 - 00002703 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2015-04-10 09:00 - 2015-04-10 09:00 - 00002687 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
2015-04-10 09:00 - 2015-04-10 09:00 - 00002675 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2015-04-10 09:00 - 2015-04-10 09:00 - 00002635 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2015-04-10 09:00 - 2015-04-10 09:00 - 00002619 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Office-Dokument öffnen.lnk
2015-04-10 09:00 - 2015-04-10 09:00 - 00002615 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Neues Office-Dokument.lnk
2015-04-10 09:00 - 2015-04-10 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2015-04-10 08:59 - 2015-04-10 08:59 - 00000000 ____D () C:\Windows\Msagent
2015-04-10 08:59 - 2015-04-10 08:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft FrontPage
2015-04-09 23:57 - 2015-04-24 23:34 - 00000000 ____D () C:\Users\dd\Desktop\Neuer Ordner (2)
2015-04-09 23:31 - 2015-04-09 23:31 - 00000000 ____D () C:\Users\dd\AppData\Roaming\Mozilla
2015-04-09 23:31 - 2015-04-09 23:31 - 00000000 ____D () C:\Users\dd\AppData\Local\Mozilla
2015-04-09 23:28 - 2015-04-23 19:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-09 23:28 - 2015-04-09 23:28 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-09 23:28 - 2015-04-09 23:28 - 00000000 ____D () C:\ProgramData\Mozilla
2015-04-09 21:03 - 2015-04-09 21:03 - 00000000 ____D () C:\Users\dd\Neuer Ordner
2015-04-09 21:02 - 2015-04-09 21:02 - 00000000 ____D () C:\Users\dd\Documents\Scripts
2015-04-09 21:02 - 2015-04-09 21:02 - 00000000 ____D () C:\Users\dd\Documents\images
2015-04-09 21:02 - 2015-04-09 21:02 - 00000000 ____D () C:\Users\dd\Documents\css
2015-04-09 21:02 - 2015-04-09 21:02 - 00000000 ____D () C:\Users\dd\Documents\_locales
2015-04-09 21:02 - 2015-03-16 20:30 - 00001293 _____ () C:\Users\dd\Documents\manifest.json
2015-04-09 21:01 - 2015-04-09 21:01 - 01376768 _____ () C:\Users\dd\Downloads\7z920-x64.msi
2015-04-09 21:01 - 2015-04-09 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-04-09 21:00 - 2015-04-09 21:00 - 00180982 _____ () C:\Users\dd\Downloads\GroovesharkDownloader.zip
2015-04-09 20:38 - 2015-04-09 20:38 - 01203488 _____ () C:\Users\dd\Downloads\Firefox - CHIP-Installer.exe
2015-04-09 20:19 - 2015-04-09 20:20 - 16567520 _____ (Philipp Schmieder Medien ) C:\Users\dd\Downloads\clipgrab-3.4.9.exe
2015-04-09 20:06 - 2015-04-09 20:07 - 01203488 _____ () C:\Users\dd\Downloads\Classic Shell - CHIP-Installer.exe
2015-04-09 19:53 - 2015-04-09 19:53 - 00278488 _____ () C:\Windows\Minidump\040915-32500-01.dmp
2015-04-09 19:40 - 2015-04-09 19:40 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-09 19:05 - 2015-04-09 19:46 - 00000000 _____ () C:\Windows\Model.log
2015-04-09 18:46 - 2015-04-09 18:46 - 00000000 ____D () C:\Users\dd\AppData\Roaming\Spotify
2015-04-09 18:29 - 2015-04-09 20:11 - 00000000 ____D () C:\ProgramData\ClassicShell
2015-04-09 18:29 - 2015-04-09 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-04-09 17:58 - 2015-04-09 20:51 - 00000000 ____D () C:\AudacityPortable
2015-04-09 16:04 - 2015-04-09 16:04 - 00000000 ____D () C:\Users\dd\Documents\Neuer Ordner
2015-04-09 15:53 - 2015-04-09 21:01 - 00000000 ____D () C:\Program Files\7-Zip
2015-04-09 14:58 - 2015-05-05 00:48 - 00000000 ____D () C:\Users\dd\AppData\Roaming\ClassicShell
2015-04-09 14:57 - 2015-04-09 20:08 - 00000000 ____D () C:\Program Files\Classic Shell
2015-04-09 12:53 - 2015-04-09 19:19 - 00000000 ____D () C:\Program Files (x86)\bestadblocker
2015-04-09 12:52 - 2015-04-09 19:19 - 00000000 ____D () C:\ProgramData\dpjmahebnogcclmemjfpppkoebfbnjnp
2015-04-09 12:52 - 2015-04-09 19:19 - 00000000 ____D () C:\Program Files (x86)\SaulePlus
2015-04-09 12:43 - 2015-04-09 19:19 - 00000000 ____D () C:\ProgramData\{4d1e6255-623a-349b-4d1e-e62556238955}
2015-04-09 12:40 - 2015-04-09 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab
2015-04-09 12:40 - 2015-04-09 20:21 - 00000000 ____D () C:\Program Files (x86)\ClipGrab
2015-04-09 12:36 - 2015-04-09 12:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2015-04-09 12:33 - 2015-04-09 12:33 - 00000000 ____D () C:\Users\dd\AppData\Roaming\Microsoft Web Folders
2015-04-08 15:54 - 2015-04-24 01:18 - 00000000 ____D () C:\Users\dd\AppData\Roaming\vlc
2015-04-08 15:53 - 2015-04-09 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-04-08 15:53 - 2015-04-08 15:53 - 00000000 ____D () C:\Program Files\VideoLAN
2015-04-08 14:25 - 2015-05-05 00:13 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-08 14:25 - 2015-04-09 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-08 14:25 - 2015-04-08 14:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-08 14:25 - 2015-04-08 14:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-08 14:25 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-08 14:25 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-08 14:25 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-08 14:05 - 2015-04-09 20:52 - 00000000 ____D () C:\ProgramData\18061483429812477594
2015-04-08 14:05 - 2015-04-08 15:07 - 00000000 ____D () C:\Program Files (x86)\SalePelus
2015-04-08 14:04 - 2015-04-08 15:07 - 00000000 ____D () C:\ProgramData\{18cb70ed-fbb3-231a-18cb-b70edfbbc3b7}
2015-04-08 13:40 - 2015-04-08 13:40 - 00000000 ____D () C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2015-04-08 13:40 - 2015-04-08 13:40 - 00000000 ____D () C:\Users\dd\AppData\Local\No23 Recorder
2015-04-08 02:34 - 2015-04-08 02:34 - 00000000 ____D () C:\Users\dd\AppData\Roaming\Apowersoft
2015-04-08 02:24 - 2015-04-08 02:24 - 00000000 ____D () C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AudioSuite
2015-04-08 02:24 - 2015-04-08 02:24 - 00000000 ____D () C:\AudioSuite
2015-04-08 02:13 - 2015-04-08 02:13 - 00000000 ____D () C:\Users\dd\Documents\Streaming Audio Recorder
2015-04-08 01:05 - 2015-04-09 20:17 - 00001489 _____ () C:\Users\dd\AppData\Local\RecConfig.xml
2015-04-08 00:11 - 2015-04-08 00:11 - 00000000 ____D () C:\Users\dd\.cache
2015-04-08 00:06 - 2015-04-08 00:06 - 00002989 _____ () C:\Users\dd\Desktop\MP3 - Verknüpfung.lnk
2015-04-07 23:43 - 2015-04-07 23:43 - 00000000 ____D () C:\Users\dd\Documents\Any Video Converter
2015-04-07 23:43 - 2015-04-07 23:43 - 00000000 ____D () C:\Users\dd\AppData\Roaming\Anvsoft
2015-04-07 23:42 - 2015-04-07 23:42 - 00000000 ____D () C:\Program Files (x86)\Anvsoft
2015-04-07 23:02 - 2015-04-09 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-07 23:02 - 2015-04-07 23:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-07 23:02 - 2015-04-07 23:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-07 22:44 - 2015-04-09 20:51 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2015-04-07 18:39 - 2015-04-09 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-07 18:34 - 2015-05-05 02:39 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-07 18:34 - 2015-05-05 00:49 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-07 18:34 - 2015-04-07 18:39 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-07 18:34 - 2015-04-07 18:34 - 00003880 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-07 18:34 - 2015-04-07 18:34 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-07 17:44 - 2015-04-09 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt
2015-04-07 17:44 - 2015-04-07 17:44 - 00000979 _____ () C:\Users\dd\Desktop\GrabIt.lnk
2015-04-07 17:44 - 2015-04-07 17:44 - 00000000 ____D () C:\Program Files (x86)\GrabIt
2015-04-07 17:33 - 2015-04-07 17:43 - 01387407 _____ () C:\Users\dd\Desktop\NEUQ1-2015 MN78.nzb
2015-04-07 16:19 - 2015-04-07 19:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-04-07 16:18 - 2015-04-09 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON
2015-04-07 16:18 - 2015-04-07 16:18 - 00001333 _____ () C:\Users\Public\Desktop\NAVIGON Fresh.lnk
2015-04-07 16:17 - 2015-04-07 16:17 - 00000000 ____D () C:\Program Files (x86)\NAVIGON

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 02:48 - 2013-05-09 00:38 - 00000000 ____D () C:\ProgramData\MOCP
2015-05-05 02:43 - 2014-09-05 00:47 - 00000000 ____D () C:\Users\dd
2015-05-05 02:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2015-05-05 02:32 - 2013-05-08 23:24 - 01811926 _____ () C:\Windows\WindowsUpdate.log
2015-05-05 01:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2015-05-05 01:00 - 2014-09-05 13:18 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1182488276-301210562-3317401335-1004
2015-05-05 00:49 - 2012-08-03 04:22 - 00025214 _____ () C:\Windows\PFRO.log
2015-05-05 00:49 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 00:04 - 2012-07-26 07:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-04 23:33 - 2013-09-16 22:59 - 00000000 ____D () C:\Update
2015-05-04 23:32 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-04 23:22 - 2014-12-20 00:17 - 00000934 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1182488276-301210562-3317401335-1004UA.job
2015-05-04 23:22 - 2014-12-20 00:17 - 00000912 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1182488276-301210562-3317401335-1004Core.job
2015-05-03 07:26 - 2015-03-22 21:38 - 00000000 ____D () C:\Users\dd\Desktop\Neuer Ordner
2015-05-01 13:14 - 2013-05-09 00:14 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2015-05-01 13:14 - 2013-05-09 00:14 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2015-05-01 13:14 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-01 09:32 - 2014-09-08 09:49 - 00000000 ____D () C:\Users\dd\AppData\Local\CrashDumps
2015-04-24 00:00 - 2013-05-09 01:31 - 00000000 ____D () C:\ProgramData\iolo
2015-04-23 20:24 - 2013-05-09 00:26 - 00000000 ____D () C:\Documentation
2015-04-23 20:19 - 2013-05-08 23:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-23 20:14 - 2013-05-09 00:15 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-04-23 19:54 - 2013-05-09 00:15 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2015-04-23 19:54 - 2013-05-09 00:15 - 00000000 ____D () C:\Program Files\Sony
2015-04-23 19:54 - 2013-05-09 00:12 - 00000000 ____D () C:\ProgramData\Sony Corporation
2015-04-19 14:26 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AppCompat
2015-04-18 13:06 - 2014-09-08 08:04 - 00000000 ____D () C:\Users\dd\AppData\Local\Adobe
2015-04-17 22:05 - 2015-03-18 09:29 - 00319720 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-17 12:28 - 2014-12-11 17:08 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-17 12:28 - 2014-09-09 11:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-17 12:28 - 2014-09-05 23:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-17 12:13 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-17 12:01 - 2014-09-05 23:05 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 00:07 - 2015-02-06 16:20 - 00791520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 00:07 - 2015-02-06 16:20 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-10 09:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Help
2015-04-10 09:00 - 2012-07-26 10:12 - 00000000 __RSD () C:\Windows\Media
2015-04-10 08:59 - 2012-07-26 09:52 - 00000000 ____D () C:\Windows\ShellNew
2015-04-10 08:57 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\System
2015-04-09 20:52 - 2014-09-05 00:47 - 00000000 ____D () C:\Users\Dorothea Röger
2015-04-09 20:52 - 2013-05-09 00:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-09 20:52 - 2013-05-09 00:42 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2015-04-09 20:52 - 2013-05-09 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Parental Controls
2015-04-09 20:52 - 2013-05-09 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(R) center
2015-04-09 20:52 - 2013-05-09 00:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2015-04-09 20:52 - 2013-05-09 00:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2015-04-09 20:52 - 2013-05-09 00:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-04-09 20:52 - 2013-05-08 23:58 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-04-09 20:52 - 2012-08-03 04:24 - 00000000 ____D () C:\Users\Administrator
2015-04-09 20:52 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-09 20:52 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-09 20:52 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-09 20:52 - 2012-07-26 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-09 20:51 - 2013-05-08 23:58 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-04-09 20:51 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\registration
2015-04-09 20:50 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-04-09 19:53 - 2015-02-23 19:30 - 00000000 ____D () C:\Windows\Minidump
2015-04-09 19:53 - 2015-02-23 19:29 - 313708124 _____ () C:\Windows\MEMORY.DMP
2015-04-08 02:13 - 2014-09-05 00:49 - 00000000 ____D () C:\Users\dd\AppData\Local\VirtualStore
2015-04-07 18:39 - 2014-12-13 09:58 - 00000000 ____D () C:\Users\dd\AppData\Local\Google
2015-04-07 18:34 - 2014-12-13 09:58 - 00000000 ____D () C:\Users\dd\AppData\Local\Deployment
2015-04-07 16:21 - 2012-07-26 09:21 - 00356228 _____ () C:\Windows\setupact.log
2015-04-07 15:51 - 2013-05-09 00:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-04-07 10:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\dd\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\dd\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\dd\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\dd\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\dd\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\dd\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\dd\AppData\Local\ogg.dll
2015-04-08 01:05 - 2015-04-09 20:17 - 0001489 _____ () C:\Users\dd\AppData\Local\RecConfig.xml
2015-04-08 14:14 - 2015-04-08 14:14 - 0011772 _____ () C:\Users\dd\AppData\Local\Temp-log.txt
2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\dd\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\dd\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\dd\AppData\Local\vorbisfile.dll
2015-04-09 19:40 - 2015-04-09 19:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\dd\AppData\Local\Temp\tmpA2FB.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-28 11:27

==================== End Of Log ============================


Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by dd at 2015-05-05 02:49:07
Running from C:\Users\dd\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1182488276-301210562-3317401335-500 - Administrator - Disabled) => C:\Users\Administrator
dd (S-1-5-21-1182488276-301210562-3317401335-1004 - Administrator - Enabled) => C:\Users\dd
Dorothea Röger (S-1-5-21-1182488276-301210562-3317401335-1001 - Administrator - Enabled) => C:\Users\Dorothea Röger
Gast (S-1-5-21-1182488276-301210562-3317401335-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1182488276-301210562-3317401335-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Any Audio Converter 5.7.9 (HKLM-x32\...\Any Audio Converter) (Version: 5.7.9 - Anvsoft)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
ClipGrab 3.4.9 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5728.52 - CyberLink Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GrabIt 1.7.2 Beta 6 (build 1008) (HKLM-x32\...\GrabIt_is1) (Version:  - Ilan Shemes)
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41505) (Version: 3.8.0.41505.25 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2849 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Market Leader Upper-Intermediate 3rd Edition (HKLM-x32\...\xxxxxxxxxxxxx-Pearson) (Version:  - Pearson Education)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
McAfee Parental Controls (HKLM-x32\...\MOCP) (Version: 3.2.226.1 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Hardwarediagnose-Plugin für VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.7.0.11070 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

16-04-2015 17:06:34 Windows Update
23-04-2015 19:52:47 Entfernt VAIO Update
30-04-2015 20:06:20 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0BB788AC-D3A5-4E76-B412-7E0819DEE94B} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {138F2CBB-E030-47B9-B2A0-0C891FC46792} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {1E985E5E-BA1B-4038-99B5-C5090F270456} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {321DD8C0-6BB4-48D4-8071-E99E1EBF8B33} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {4B6223EB-1433-4CB8-892B-AB2F1E1BB6BF} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {603AB8FB-6E1F-40E4-9F53-965CB2D58F81} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {649184AE-51A2-4DAE-93B4-73378001A66F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-17] (Microsoft Corporation)
Task: {6FB47000-90F3-417F-9F20-80D9B0C1BF9F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {733EE997-C7AF-4F8A-A1D0-7F982D019CB8} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {8725BC36-F4B1-41D2-8932-E4C8DAC33414} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-18] (Adobe Systems Incorporated)
Task: {8CE449DE-5EDA-462E-A028-DC9E20DA0CFE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1182488276-301210562-3317401335-1004Core => C:\Users\dd\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-12-20] (Facebook Inc.)
Task: {8F0DDD33-02DC-4F82-B464-04CE72B3970B} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {8F125CCA-6E56-4EBC-8D00-B3988A729492} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {91818DDC-7F9E-4C23-B1A8-8FB8AA77251A} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {98D6D5C2-B393-4220-948E-BCE9E6BCC838} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {A13DA76B-B827-4E92-B9F6-39ACA7461B05} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {A54437AD-F854-4A53-B265-BA23F4DF21DF} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {AC8E4074-0F71-4988-9D99-EA229CA1DD7E} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {B0F4697F-C8D8-4EDB-8B9E-D76319B3F6A2} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {B40E403B-E9F9-42D6-9075-7C4D7AAB0C1D} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {B7128737-0CA8-4385-AA28-3036080BF0D6} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {C2CE4BC8-09AF-4EA3-ABC8-2636381C371E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-07] (Google Inc.)
Task: {C595EB22-C169-4C93-817A-0D73F458D221} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1182488276-301210562-3317401335-1004UA => C:\Users\dd\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-12-20] (Facebook Inc.)
Task: {E21C7FCF-89BF-4753-85A2-C886DE339679} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {E77DBC89-4C04-4DD2-BB2B-06037C4820C1} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {ED3E00F1-4CD3-470F-BCC9-355973738A94} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {EDCD271D-85D1-4DD5-8921-88872717C978} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {F85EFC36-4BEE-4C85-AB2D-1BEA0C5DF7B4} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {F9EFF2BD-FB34-4D4E-BB11-5CDF4150AAB2} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {FBD7A980-182E-4A3D-9DFE-6588D31C7127} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-07] (Google Inc.)
Task: {FBD971D9-B957-4D11-884F-3E52F916528F} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {FF4CEAFF-5F7F-4041-9DDB-2718066BCD42} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1182488276-301210562-3317401335-1004Core.job => C:\Users\dd\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1182488276-301210562-3317401335-1004UA.job => C:\Users\dd\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-12-28 12:07 - 2012-12-28 12:07 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 12:04 - 2012-12-28 12:04 - 00084480 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 12:09 - 2012-12-28 12:09 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2012-11-13 02:55 - 2012-11-12 10:46 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-12-28 12:10 - 2012-12-28 12:10 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-12-28 12:04 - 2012-12-28 12:04 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2013-05-09 00:05 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-04-29 00:43 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-29 00:43 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1182488276-301210562-3317401335-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\dd\Desktop\Unbenannt.png
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A99E06ED-6765-4F4D-8992-F6139D60F771}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{4FF8D650-7C90-4C07-8908-C3DEE8432E12}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{B75614BF-E1FA-40CE-AF2C-5886AE365F57}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{1C30363B-E890-4857-9A45-DB8EC283957D}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{217E1B42-FBED-4D5B-8D11-0B6449CE0408}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{287B3175-3665-4350-B33E-7583A1FF6511}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{558F3A75-EA16-4DD8-99F1-3D4225C8D6F4}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{5ED7891F-9069-4BCB-855E-085312C44DFD}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{7CE0F2D1-B252-49FE-A7AC-CF987B693278}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C75AC206-50FA-4B70-A5E7-264E0913BD56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FB004A5A-DF2C-42FC-AF1D-DDFA127B4DF6}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{67D89AF0-3DBB-436C-80C8-E296EF161089}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{40152455-5C43-4941-B1B6-1BAB22C0056E}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{71ED2A8B-716A-40AB-817B-C01860646DAE}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{46F02DE5-D069-4D78-8A75-145F0F4EA744}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/05/2015 02:44:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/05/2015 02:32:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/05/2015 02:32:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/05/2015 02:32:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/05/2015 02:32:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: Bei der Aktivierung der App „BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/05/2015 02:32:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/05/2015 01:34:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: Bei der Aktivierung der App „BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/05/2015 01:19:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/05/2015 01:19:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: Bei der Aktivierung der App „BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/05/2015 01:10:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (05/05/2015 00:51:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612

Error: (05/05/2015 00:08:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612

Error: (05/04/2015 11:34:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612

Error: (04/30/2015 07:50:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.

Error: (04/26/2015 01:50:24 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {9F070738-F6EA-408A-A6BD-AED405E67A13}

Error: (04/24/2015 04:56:21 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.

Error: (04/24/2015 01:29:18 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst McNaiAnn erreicht.

Error: (04/23/2015 08:15:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet:
%%268439612

Error: (04/23/2015 08:11:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/23/2015 08:11:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Care Performance Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (05/05/2015 02:44:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147009284

Error: (05/05/2015 02:32:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147009284

Error: (05/05/2015 02:32:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147009284

Error: (05/05/2015 02:32:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147009284

Error: (05/05/2015 02:32:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter-2147009284

Error: (05/05/2015 02:32:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147009284

Error: (05/05/2015 01:34:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter-2147009284

Error: (05/05/2015 01:19:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147009284

Error: (05/05/2015 01:19:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter-2147009284

Error: (05/05/2015 01:10:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dorothea)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147009284


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 43%
Total physical RAM: 3975.27 MB
Available physical RAM: 2248.92 MB
Total Pagefile: 8071.27 MB
Available Pagefile: 5773.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:437.41 GB) (Free:346.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FB5BDC2F)

Partition: GPT Partition Type.

==================== End Of Log ============================


Code:

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-05-05 03:05:21
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000037 HGST_HTS545050A7E380 rev.GG2OAC90 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\dd\AppData\Local\Temp\fwdcapog.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[1948] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306  000007ff0071177a 4 bytes [71, 00, FF, 07]
.text  C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[1948] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314  000007ff00711782 4 bytes [71, 00, FF, 07]
.text  C:\Windows\Explorer.EXE[1820] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                            000007fefb251532 4 bytes [25, FB, FE, 07]
.text  C:\Windows\Explorer.EXE[1820] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                            000007fefb25153a 4 bytes [25, FB, FE, 07]
.text  C:\Windows\Explorer.EXE[1820] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                          000007fefb25165a 4 bytes [25, FB, FE, 07]
.text  C:\Windows\Explorer.EXE[1820] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306                                  000007ff0071177a 4 bytes [71, 00, FF, 07]
.text  C:\Windows\Explorer.EXE[1820] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314                                  000007ff00711782 4 bytes [71, 00, FF, 07]
.text  C:\Program Files\Sony\VAIO Care\VCAgent.exe[1992] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 306              000007ff0071177a 4 bytes [71, 00, FF, 07]
.text  C:\Program Files\Sony\VAIO Care\VCAgent.exe[1992] C:\Windows\system32\psapi.dll!GetProcessImageFileNameA + 314              000007ff00711782 4 bytes [71, 00, FF, 07]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [716:740]                                                                                      fffff9600096f5e8

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                        unknown MBR code

---- EOF - GMER 2.1 ----


schrauber 05.05.2015 05:31

Hi,

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
In any case, please post its contents here in your thread.

dan4550 05.05.2015 09:33

Thank you very much for the quick reply.
I followed the instructions.
Here is the TDSSKiller log:

Code:

10:24:03.0496 0x0ce8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:24:03.0496 0x0ce8  UEFI system
10:24:13.0497 0x0ce8  ============================================================
10:24:13.0497 0x0ce8  Current date / time: 2015/05/05 10:24:13.0497
10:24:13.0497 0x0ce8  SystemInfo:
10:24:13.0497 0x0ce8 
10:24:13.0497 0x0ce8  OS Version: 6.2.9200 ServicePack: 0.0
10:24:13.0497 0x0ce8  Product type: Workstation
10:24:13.0497 0x0ce8  ComputerName: DOROTHEA
10:24:13.0497 0x0ce8  UserName: dd
10:24:13.0497 0x0ce8  Windows directory: C:\Windows
10:24:13.0497 0x0ce8  System windows directory: C:\Windows
10:24:13.0497 0x0ce8  Running under WOW64
10:24:13.0497 0x0ce8  Processor architecture: Intel x64
10:24:13.0497 0x0ce8  Number of processors: 2
10:24:13.0497 0x0ce8  Page size: 0x1000
10:24:13.0497 0x0ce8  Boot type: Normal boot
10:24:13.0497 0x0ce8  ============================================================
10:24:14.0513 0x0ce8  KLMD registered as C:\Windows\system32\drivers\26213852.sys
10:24:14.0747 0x0ce8  System UUID: {025A08F5-5C34-E915-8EC3-5BBCF96B7794}
10:24:15.0247 0x0ce8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:24:15.0263 0x0ce8  ============================================================
10:24:15.0263 0x0ce8  \Device\Harddisk0\DR0:
10:24:15.0263 0x0ce8  GPT partitions:
10:24:15.0263 0x0ce8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {7C1A5D72-E62F-4155-ADEB-025BE469675B}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
10:24:15.0263 0x0ce8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4D5801C3-F354-4AE2-B358-77768CDA1930}, Name: Basic data partition, StartLBA 0x82800, BlocksNum 0x2E1000
10:24:15.0263 0x0ce8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6B2EB595-5195-4605-95A8-4B988F3FDA3B}, Name: EFI system partition, StartLBA 0x363800, BlocksNum 0x82000
10:24:15.0263 0x0ce8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {97904FF7-B084-4BC0-A6D6-365CDD5D4A56}, Name: Microsoft reserved partition, StartLBA 0x3E5800, BlocksNum 0x40000
10:24:15.0263 0x0ce8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {547EBBBD-51B3-4B18-B3FE-09544382DD57}, Name: Basic data partition, StartLBA 0x425800, BlocksNum 0x36AD3000
10:24:15.0263 0x0ce8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {965AAFE3-2C36-4EFE-813E-77725CDBF496}, Name: Basic data partition, StartLBA 0x36EF8800, BlocksNum 0x348D800
10:24:15.0263 0x0ce8  MBR partitions:
10:24:15.0263 0x0ce8  ============================================================
10:24:15.0279 0x0ce8  C: <-> \Device\Harddisk0\DR0\Partition5
10:24:15.0279 0x0ce8  ============================================================
10:24:15.0279 0x0ce8  Initialize success
10:24:15.0279 0x0ce8  ============================================================
10:26:22.0281 0x08d8  ============================================================
10:26:22.0281 0x08d8  Scan started
10:26:22.0281 0x08d8  Mode: Manual; SigCheck; TDLFS;
10:26:22.0281 0x08d8  ============================================================
10:26:22.0281 0x08d8  KSN ping started
10:26:24.0703 0x08d8  KSN ping finished: true
10:26:25.0469 0x08d8  ================ Scan system memory ========================
10:26:25.0469 0x08d8  System memory - ok
10:26:25.0469 0x08d8  ================ Scan services =============================
10:26:25.0641 0x08d8  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
10:26:25.0734 0x08d8  1394ohci - ok
10:26:25.0797 0x08d8  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware          C:\Windows\system32\drivers\3ware.sys
10:26:25.0812 0x08d8  3ware - ok
10:26:25.0844 0x08d8  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:26:25.0875 0x08d8  ACPI - ok
10:26:25.0906 0x08d8  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
10:26:25.0922 0x08d8  acpiex - ok
10:26:25.0938 0x08d8  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
10:26:25.0969 0x08d8  acpipagr - ok
10:26:26.0000 0x08d8  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi        C:\Windows\System32\drivers\acpipmi.sys
10:26:26.0031 0x08d8  AcpiPmi - ok
10:26:26.0047 0x08d8  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
10:26:26.0094 0x08d8  acpitime - ok
10:26:26.0172 0x08d8  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:26:26.0188 0x08d8  AdobeARMservice - ok
10:26:26.0328 0x08d8  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:26:26.0344 0x08d8  AdobeFlashPlayerUpdateSvc - ok
10:26:26.0391 0x08d8  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
10:26:26.0422 0x08d8  adp94xx - ok
10:26:27.0573 0x08d8  [ D36B40AA8583089FE7A23693158CECF2, 795C90C11603CBED0C615811AD465FD23FC351251CFE49D137AB855D298611B7 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
10:26:27.0604 0x08d8  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
10:26:29.0980 0x08d8  Detect skipped due to KSN trusted
10:26:29.0980 0x08d8  AtherosSvc - ok
10:26:40.0293 0x08d8  lmhosts - ok
10:26:40.0308 0x08d8  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:26:40.0324 0x08d8  LMS - ok
10:26:40.0355 0x08d8  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
10:26:40.0371 0x08d8  LSI_SAS - ok
10:26:40.0402 0x08d8  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:26:40.0402 0x08d8  LSI_SAS2 - ok
10:26:40.0418 0x08d8  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:26:40.0433 0x08d8  LSI_SCSI - ok
10:26:40.0449 0x08d8  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS        C:\Windows\system32\drivers\lsi_sss.sys
10:26:40.0465 0x08d8  LSI_SSS - ok
10:26:40.0543 0x08d8  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM            C:\Windows\System32\lsm.dll
10:26:40.0599 0x08d8  LSM - ok
10:26:40.0630 0x08d8  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv          C:\Windows\system32\drivers\luafv.sys
10:26:40.0666 0x08d8  luafv - ok
10:26:40.0689 0x08d8  [ CF12E148C6FC151335B7D7FE03F1C7A2, 7087DF6D884AF0A57AC22D7AE9C2903913AAB4CE52D19666B6513C3D5706E43C ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
10:26:40.0701 0x08d8  MBAMProtector - ok
10:26:40.0760 0x08d8  [ E27891A49DF92004041FEC5C3A2D4230, A4679A1F10F84935875E35A83FC7075499B8F4CBB543209A38C0D946347CD264 ] MBAMService    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
10:26:40.0792 0x08d8  MBAMService - ok
10:26:40.0823 0x08d8  [ 7FD0FDFB97D80B21195273C4C3810FE1, E1072821AB338F45740DE6CF7BDB7C676CC67AB4BFC2ACF78773ABB424152D2C ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
10:26:40.0823 0x08d8  MBAMWebAccessControl - ok
10:26:40.0901 0x08d8  [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe        C:\Program Files\McAfee\MSC\McAPExe.exe
10:26:40.0917 0x08d8  McAPExe - ok
10:26:40.0963 0x08d8  [ 1E3AF124A3405EEE594BB9FFD4640F48, 7916D86433A6A305CC9699A8901795E74A22C99A2C6B091BAC951E30F7510FF7 ] McAWFwk        c:\PROGRA~1\mcafee\msc\mcawfwk.exe
10:26:40.0979 0x08d8  McAWFwk - ok
10:26:41.0042 0x08d8  [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
10:26:41.0073 0x08d8  McComponentHostService - ok
10:26:41.0151 0x08d8  [ 77AB66599EAFF797744D17C502FECDB9, E3A356AC3D6958B08C126D2C4231F2F7A655348606AE53FB95C6DA17908B32D1 ] McComponentHostServiceSony C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
10:26:41.0182 0x08d8  McComponentHostServiceSony - ok
10:26:41.0198 0x08d8  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
10:26:41.0213 0x08d8  McMPFSvc - ok
10:26:41.0229 0x08d8  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn        C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
10:26:41.0245 0x08d8  McNaiAnn - ok
10:26:41.0354 0x08d8  [ 7F8446D8AD9161B34DC7C209FB148A5A, 26B07EB138992586FC410849172A63ACC26D99ED59B568EFF9C93ED2EB129453 ] McODS          C:\Program Files\mcafee\VirusScan\mcods.exe
10:26:41.0370 0x08d8  McODS - ok
10:26:41.0417 0x08d8  [ C121367D21599367F2ADB9C11B7BABAA, 752993437AB2C797B5C0FFD397BC8FAC575886857C61BCCCCF169DA54BEE911C ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
10:26:41.0417 0x08d8  McOobeSv - ok
10:26:41.0448 0x08d8  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McOobeSv2      C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
10:26:41.0448 0x08d8  McOobeSv2 - ok
10:26:41.0464 0x08d8  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc        C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
10:26:41.0479 0x08d8  mcpltsvc - ok
10:26:41.0495 0x08d8  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy        C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
10:26:41.0495 0x08d8  McProxy - ok
10:26:41.0510 0x08d8  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McSchedulerSvc  C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
10:26:41.0526 0x08d8  McSchedulerSvc - ok
10:26:41.0542 0x08d8  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas        C:\Windows\system32\drivers\megasas.sys
10:26:41.0557 0x08d8  megasas - ok
10:26:41.0589 0x08d8  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:26:41.0620 0x08d8  MegaSR - ok
10:26:41.0635 0x08d8  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
10:26:41.0651 0x08d8  MEIx64 - ok
10:26:41.0698 0x08d8  [ D0574EF9490EBD32DFA14D3C16195DE2, 7F5623562E74BD09717103247CE9155F07092BC633B5647ED3C99A95283413B4 ] mfeapfk        C:\Windows\system32\drivers\mfeapfk.sys
10:26:41.0698 0x08d8  mfeapfk - ok
10:26:41.0745 0x08d8  [ 7B6A4509A2444F5F0689B2579E245177, 95A3A3560E253B7459F1B7C9E4E21008C725BA1A2C5F4E5FBAD1AB383058E2F6 ] mfeavfk        C:\Windows\system32\drivers\mfeavfk.sys
10:26:41.0760 0x08d8  mfeavfk - ok
10:26:41.0854 0x08d8  [ 28E4FB2E9918C2E680BE9FD8E130471C, DFD1738F2CC0743F2CD9754CAFFFFC4D38590AF8AD2E1159F8FEAC9E9922E4B8 ] mfecore        C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
10:26:41.0885 0x08d8  mfecore - ok
10:26:41.0901 0x08d8  [ DD19F44DE0F742B2E89FB6489A2F7197, B6BF5236181492B9996471469E18C3A11ECD6224BE740BA312771E1A7D4AD6BD ] mfeelamk        C:\Windows\system32\drivers\mfeelamk.sys
10:26:41.0917 0x08d8  mfeelamk - ok
10:26:41.0964 0x08d8  [ E7C6587AC8FB0BABEF6AB1733AFA8FEC, 1624B8D9C9431A2030B8C8CFAA90F56A9EE4039D2426A521C4102A68D2F8E3CD ] mfefire        C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
10:26:41.0979 0x08d8  mfefire - ok
10:26:42.0042 0x08d8  [ 92AD9892D534CA58E020375C94E0307E, 3062625853C759852C5172040C69840315676A01A62EECFC53F55E6379DB190C ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
10:26:42.0057 0x08d8  mfefirek - ok
10:26:42.0135 0x08d8  [ B6622A5B197D021647AE20E0D4C229B9, 15D64928FDB207C183A69E7CFB90BFFBF25F1AB14059EDEFDF021F323025F4E8 ] mfehidk        C:\Windows\system32\drivers\mfehidk.sys
10:26:42.0151 0x08d8  mfehidk - ok
10:26:42.0307 0x08d8  [ 72825BFA5F403E055B37F9D6E512EB93, 148D12AB19CD0E8D3800967582D0A1AB868EB9024A43F8E56C8E979C659BF88B ] mfeicfcoreocp  C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe
10:26:42.0432 0x08d8  mfeicfcoreocp - ok
10:26:42.0495 0x08d8  [ 6CD9133BC4B5DF25FB8BCBC382C8466F, F3C938D1EDD61EE1B227112CB027804E0AAD16CBCDD67EEE1D8EAABDFC996BA1 ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
10:26:42.0510 0x08d8  mfencbdc - ok
10:26:42.0542 0x08d8  [ 408DC249009CDB3C9B299716C861C64B, 3EFBFA8EE857CBF4C6A29E0D1DA38EB21B57D5BA1F6CC544503CA8253E9BFF12 ] mfencrk        C:\Windows\system32\DRIVERS\mfencrk.sys
10:26:42.0557 0x08d8  mfencrk - ok
10:26:42.0589 0x08d8  [ 64BAFB4E5377056CDD71531097D69F6E, 28B434C1DB9AD930C5A32584C51FE1B3A4526952EBC953DAE775701E270C76C5 ] mfevtp          C:\Windows\system32\mfevtps.exe
10:26:42.0604 0x08d8  mfevtp - ok
10:26:42.0620 0x08d8  [ A58F979117A424CDB33C21396887800F, E857E74BB08E49AEDC7EE21C9FDA36053113E04F8D29B9DBC3A2A3F0667915C6 ] mfewfpk        C:\Windows\system32\drivers\mfewfpk.sys
10:26:42.0635 0x08d8  mfewfpk - ok
10:26:42.0667 0x08d8  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS          C:\Windows\system32\mmcss.dll
10:26:42.0698 0x08d8  MMCSS - ok
10:26:42.0745 0x08d8  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem          C:\Windows\system32\drivers\modem.sys
10:26:42.0792 0x08d8  Modem - ok
10:26:42.0807 0x08d8  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor        C:\Windows\System32\drivers\monitor.sys
10:26:42.0839 0x08d8  monitor - ok
10:26:42.0870 0x08d8  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
10:26:42.0885 0x08d8  mouclass - ok
10:26:42.0917 0x08d8  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
10:26:42.0948 0x08d8  mouhid - ok
10:26:42.0964 0x08d8  [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:26:42.0979 0x08d8  mountmgr - ok
10:26:43.0051 0x08d8  [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:26:43.0065 0x08d8  MozillaMaintenance - ok
10:26:43.0095 0x08d8  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:26:43.0126 0x08d8  mpsdrv - ok
10:26:43.0175 0x08d8  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:26:43.0211 0x08d8  MpsSvc - ok
10:26:43.0268 0x08d8  [ 25560C1656DC7F0723A0CC0B0E1C6BED, 17E8565B833ED58CCB6F85B90A42553464C4408C54006E019AA5641EDB682E31 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:26:43.0284 0x08d8  MRxDAV - ok
10:26:43.0315 0x08d8  [ 14EE56050E1637926F5CFA65B1F4209B, C654280B4BB461898B43DF350B5BB76C2FDEBD6B49A19D08B2F28D92E2FA3D0D ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:26:43.0346 0x08d8  mrxsmb - ok
10:26:43.0377 0x08d8  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:26:43.0409 0x08d8  mrxsmb10 - ok
10:26:43.0441 0x08d8  [ 0AA400AB21745F1153ECE75E0186509A, E26696A00008BB8D88ABED6F379FFFAE21ACE9AA7108D9E89A7D99CAF2F23FEF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:26:43.0509 0x08d8  mrxsmb20 - ok
10:26:43.0548 0x08d8  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
10:26:43.0565 0x08d8  MsBridge - ok
10:26:43.0601 0x08d8  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC          C:\Windows\System32\msdtc.exe
10:26:43.0632 0x08d8  MSDTC - ok
10:26:43.0663 0x08d8  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:26:43.0695 0x08d8  Msfs - ok
10:26:43.0726 0x08d8  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32    C:\Windows\System32\drivers\msgpiowin32.sys
10:26:43.0744 0x08d8  msgpiowin32 - ok
10:26:43.0755 0x08d8  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
10:26:43.0782 0x08d8  mshidkmdf - ok
10:26:43.0797 0x08d8  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf      C:\Windows\System32\drivers\mshidumdf.sys
10:26:43.0813 0x08d8  mshidumdf - ok
10:26:43.0828 0x08d8  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:26:43.0844 0x08d8  msisadrv - ok
10:26:43.0891 0x08d8  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
10:26:43.0922 0x08d8  MSiSCSI - ok
10:26:43.0922 0x08d8  msiserver - ok
10:26:43.0938 0x08d8  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
10:26:43.0953 0x08d8  MSK80Service - ok
10:26:44.0000 0x08d8  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
10:26:44.0018 0x08d8  MSKSSRV - ok
10:26:44.0044 0x08d8  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
10:26:44.0063 0x08d8  MsLldp - ok
10:26:44.0079 0x08d8  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:26:44.0091 0x08d8  MSPCLOCK - ok
10:26:44.0104 0x08d8  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
10:26:44.0130 0x08d8  MSPQM - ok
10:26:44.0142 0x08d8  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
10:26:44.0165 0x08d8  MsRPC - ok
10:26:44.0171 0x08d8  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
10:26:44.0182 0x08d8  mssmbios - ok
10:26:44.0209 0x08d8  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
10:26:44.0240 0x08d8  MSTEE - ok
10:26:44.0254 0x08d8  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
10:26:44.0280 0x08d8  MTConfig - ok
10:26:44.0312 0x08d8  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup            C:\Windows\system32\Drivers\mup.sys
10:26:44.0325 0x08d8  Mup - ok
10:26:44.0336 0x08d8  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
10:26:44.0351 0x08d8  mvumis - ok
10:26:44.0398 0x08d8  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\Windows\system32\qagentRT.dll
10:26:44.0445 0x08d8  napagent - ok
10:26:44.0493 0x08d8  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
10:26:44.0532 0x08d8  NativeWifiP - ok
10:26:44.0572 0x08d8  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\Windows\System32\ncasvc.dll
10:26:44.0603 0x08d8  NcaSvc - ok
10:26:44.0603 0x08d8  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
10:26:44.0635 0x08d8  NcdAutoSetup - ok
10:26:44.0697 0x08d8  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:26:44.0728 0x08d8  NDIS - ok
10:26:44.0744 0x08d8  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
10:26:44.0775 0x08d8  NdisCap - ok
10:26:44.0792 0x08d8  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
10:26:44.0823 0x08d8  NdisImPlatform - ok
10:26:44.0839 0x08d8  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:26:44.0870 0x08d8  NdisTapi - ok
10:26:44.0886 0x08d8  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
10:26:44.0917 0x08d8  Ndisuio - ok
10:26:44.0933 0x08d8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
10:26:44.0948 0x08d8  NdisWan - ok
10:26:44.0948 0x08d8  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY  C:\Windows\system32\DRIVERS\ndiswan.sys
10:26:44.0964 0x08d8  NDISWANLEGACY - ok
10:26:44.0995 0x08d8  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
10:26:44.0995 0x08d8  NDProxy - ok
10:26:45.0011 0x08d8  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu            C:\Windows\system32\drivers\Ndu.sys
10:26:45.0046 0x08d8  Ndu - ok
10:26:45.0050 0x08d8  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
10:26:45.0068 0x08d8  NetBIOS - ok
10:26:45.0105 0x08d8  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
10:26:45.0140 0x08d8  NetBT - ok
10:26:45.0157 0x08d8  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\Windows\system32\lsass.exe
10:26:45.0169 0x08d8  Netlogon - ok
10:26:45.0209 0x08d8  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\Windows\System32\netman.dll
10:26:45.0241 0x08d8  Netman - ok
10:26:45.0279 0x08d8  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\Windows\System32\netprofmsvc.dll
10:26:45.0316 0x08d8  netprofm - ok
10:26:45.0377 0x08d8  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:26:45.0456 0x08d8  NetTcpPortSharing - ok
10:26:45.0534 0x08d8  [ 109413059775750CE8248A491834514E, F8665953F9E5EA3FA1B1020C0DA7DF1F82D97D204D6D9A32B81F48534903B098 ] NetworkSupport  C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
10:26:45.0549 0x08d8  NetworkSupport - ok
10:26:45.0581 0x08d8  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
10:26:45.0581 0x08d8  nfrd960 - ok
10:26:45.0612 0x08d8  [ 5177E35B186D2DED6F1EFF57BA61B975, B48C2E0FE2E95C37697107BDB8E0843D3E56200D2E242BF02E205C53978655D9 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:26:45.0643 0x08d8  NlaSvc - ok
10:26:45.0674 0x08d8  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:26:45.0690 0x08d8  Npfs - ok
10:26:45.0690 0x08d8  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig      C:\Windows\System32\drivers\npsvctrig.sys
10:26:45.0721 0x08d8  npsvctrig - ok
10:26:45.0752 0x08d8  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi            C:\Windows\system32\nsisvc.dll
10:26:45.0768 0x08d8  nsi - ok
10:26:45.0799 0x08d8  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:26:45.0831 0x08d8  nsiproxy - ok
10:26:45.0940 0x08d8  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:26:46.0018 0x08d8  Ntfs - ok
10:26:46.0049 0x08d8  [ 96ACBF3DDC38A52FEE115F577F36568F, DB8CB01971208C8D7A306A5FEDA39A3802195123E6B801DFB905B0E1934D3C96 ] NuidFltr        C:\Windows\System32\drivers\NuidFltr.sys
10:26:46.0049 0x08d8  NuidFltr - ok
10:26:46.0081 0x08d8  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\Windows\system32\drivers\Null.sys
10:26:46.0096 0x08d8  Null - ok
10:26:46.0529 0x08d8  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3, F4885B42FCE7D838B7640EB9CF81135F9D637E7CD7A016894AD2F24450FA91BD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:26:47.0017 0x08d8  nvlddmkm - ok
10:26:47.0104 0x08d8  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:26:47.0135 0x08d8  nvraid - ok
10:26:47.0151 0x08d8  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:26:47.0166 0x08d8  nvstor - ok
10:26:47.0197 0x08d8  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:26:47.0213 0x08d8  nv_agp - ok
10:26:47.0276 0x08d8  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:26:47.0291 0x08d8  p2pimsvc - ok
10:26:47.0323 0x08d8  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:26:47.0355 0x08d8  p2psvc - ok
10:26:47.0370 0x08d8  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport        C:\Windows\System32\drivers\parport.sys
10:26:47.0386 0x08d8  Parport - ok
10:26:47.0433 0x08d8  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
10:26:47.0448 0x08d8  partmgr - ok
10:26:47.0511 0x08d8  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:26:47.0527 0x08d8  PcaSvc - ok
10:26:47.0584 0x08d8  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci            C:\Windows\system32\drivers\pci.sys
10:26:47.0611 0x08d8  pci - ok
10:26:47.0630 0x08d8  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\Windows\system32\drivers\pciide.sys
10:26:47.0640 0x08d8  pciide - ok
10:26:47.0670 0x08d8  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:26:47.0687 0x08d8  pcmcia - ok
10:26:47.0698 0x08d8  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw            C:\Windows\system32\drivers\pcw.sys
10:26:47.0711 0x08d8  pcw - ok
10:26:47.0748 0x08d8  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc            C:\Windows\system32\drivers\pdc.sys
10:26:47.0761 0x08d8  pdc - ok
10:26:47.0813 0x08d8  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:26:47.0858 0x08d8  PEAUTH - ok
10:26:47.0936 0x08d8  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:26:47.0983 0x08d8  PerfHost - ok
10:26:48.0062 0x08d8  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla            C:\Windows\system32\pla.dll
10:26:48.0138 0x08d8  pla - ok
10:26:48.0166 0x08d8  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:26:48.0183 0x08d8  PlugPlay - ok
10:26:48.0261 0x08d8  [ 0554C64486399581EC5686CCBB975DFE, 5527ED1456A41B5A1502575DF5400DD88449AF3400BD20E2709C3C20B7198B87 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
10:26:48.0323 0x08d8  PMBDeviceInfoProvider - ok
10:26:48.0339 0x08d8  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
10:26:48.0370 0x08d8  PNRPAutoReg - ok
10:26:48.0401 0x08d8  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
10:26:48.0417 0x08d8  PNRPsvc - ok
10:26:48.0465 0x08d8  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
10:26:48.0512 0x08d8  PolicyAgent - ok
10:26:48.0543 0x08d8  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power          C:\Windows\system32\umpo.dll
10:26:48.0559 0x08d8  Power - ok
10:26:48.0590 0x08d8  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:26:48.0621 0x08d8  PptpMiniport - ok
10:26:48.0796 0x08d8  [ 3D312AC13CB8D05822E9EFD234766BA7, 5914CAA563FAE4E21AD58A262369657135D320788A56ABF15C9D77E9ADC4CA36 ] PrintNotify    C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
10:26:48.0906 0x08d8  PrintNotify - ok
10:26:48.0939 0x08d8  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor      C:\Windows\System32\drivers\processr.sys
10:26:48.0969 0x08d8  Processor - ok
10:26:49.0010 0x08d8  [ 1D7127048413309629233B50BF2DD9A6, 918322AFDD576D9966961B111F5E38BDDB4278F9456E7AA1A3453EC8CAF4B8A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
10:26:49.0034 0x08d8  ProfSvc - ok
10:26:49.0066 0x08d8  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:26:49.0081 0x08d8  Psched - ok
10:26:49.0113 0x08d8  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE          C:\Windows\system32\qwave.dll
10:26:49.0144 0x08d8  QWAVE - ok
10:26:49.0175 0x08d8  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:26:49.0206 0x08d8  QWAVEdrv - ok
10:26:49.0222 0x08d8  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:26:49.0253 0x08d8  RasAcd - ok
10:26:49.0284 0x08d8  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
10:26:49.0316 0x08d8  RasAgileVpn - ok
10:26:49.0347 0x08d8  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto        C:\Windows\System32\rasauto.dll
10:26:49.0394 0x08d8  RasAuto - ok
10:26:49.0425 0x08d8  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
10:26:49.0456 0x08d8  Rasl2tp - ok
10:26:49.0488 0x08d8  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\Windows\System32\rasmans.dll
10:26:49.0519 0x08d8  RasMan - ok
10:26:49.0519 0x08d8  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:26:49.0534 0x08d8  RasPppoe - ok
10:26:49.0550 0x08d8  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
10:26:49.0566 0x08d8  RasSstp - ok
10:26:49.0628 0x08d8  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
10:26:49.0659 0x08d8  rdbss - ok
10:26:49.0691 0x08d8  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
10:26:49.0718 0x08d8  rdpbus - ok
10:26:49.0724 0x08d8  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
10:26:49.0739 0x08d8  RDPDR - ok
10:26:49.0771 0x08d8  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:26:49.0771 0x08d8  RdpVideoMiniport - ok
10:26:49.0802 0x08d8  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
10:26:49.0833 0x08d8  RDPWD - ok
10:26:49.0864 0x08d8  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:26:49.0880 0x08d8  rdyboost - ok
10:26:49.0927 0x08d8  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:26:49.0958 0x08d8  RemoteAccess - ok
10:26:50.0006 0x08d8  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:26:50.0053 0x08d8  RemoteRegistry - ok
10:26:50.0100 0x08d8  [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
10:26:50.0131 0x08d8  RFCOMM - ok
10:26:50.0162 0x08d8  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:26:50.0193 0x08d8  RpcEptMapper - ok
10:26:50.0222 0x08d8  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\Windows\system32\locator.exe
10:26:50.0234 0x08d8  RpcLocator - ok
10:26:50.0304 0x08d8  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs          C:\Windows\system32\rpcss.dll
10:26:50.0333 0x08d8  RpcSs - ok
10:26:50.0374 0x08d8  [ FD2F7ABB0B3C777CDC9D342CADBF0131, 8C7D8C753E100B8B005FF089299062448E5FEE88E84E4CE9E050CE3F2AAC5BCB ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
10:26:50.0389 0x08d8  RSPCIESTOR - ok
10:26:50.0431 0x08d8  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:26:50.0458 0x08d8  rspndr - ok
10:26:50.0514 0x08d8  [ 7D9DA8EC6784A9EE213C676709D46BE6, 9861D1EF107F7D1590B89098EAEA7F509C1EF46999C37703F3766BAD733D8AD2 ] RTL8168        C:\Windows\system32\DRIVERS\Rt630x64.sys
10:26:50.0538 0x08d8  RTL8168 - ok
10:26:50.0576 0x08d8  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap          C:\Windows\System32\drivers\vms3cap.sys
10:26:50.0607 0x08d8  s3cap - ok
10:26:50.0669 0x08d8  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs          C:\Windows\system32\lsass.exe
10:26:50.0701 0x08d8  SamSs - ok
10:26:50.0732 0x08d8  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:26:50.0732 0x08d8  sbp2port - ok
10:26:50.0779 0x08d8  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:26:50.0841 0x08d8  SCardSvr - ok
10:26:50.0857 0x08d8  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:26:50.0888 0x08d8  scfilter - ok
10:26:50.0935 0x08d8  [ 201C397A73DFEE109490F4BA1168CFC2, 74FC2A30CBF2E2197E75860A3B308CDCBEB3C28794ABED388B493505A2D84BAA ] Schedule        C:\Windows\system32\schedsvc.dll
10:26:50.0997 0x08d8  Schedule - ok
10:26:51.0044 0x08d8  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc    C:\Windows\System32\certprop.dll
10:26:51.0060 0x08d8  SCPolicySvc - ok
10:26:51.0091 0x08d8  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus          C:\Windows\System32\drivers\sdbus.sys
10:26:51.0107 0x08d8  sdbus - ok
10:26:51.0138 0x08d8  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:26:51.0169 0x08d8  SDRSVC - ok
10:26:51.0201 0x08d8  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\Windows\System32\drivers\sdstor.sys
10:26:51.0216 0x08d8  sdstor - ok
10:26:51.0248 0x08d8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:26:51.0263 0x08d8  secdrv - ok
10:26:51.0294 0x08d8  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\Windows\system32\seclogon.dll
10:26:51.0310 0x08d8  seclogon - ok
10:26:51.0326 0x08d8  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\Windows\System32\sens.dll
10:26:51.0372 0x08d8  SENS - ok
10:26:51.0404 0x08d8  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:26:51.0419 0x08d8  SensrSvc - ok
10:26:51.0451 0x08d8  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx          C:\Windows\system32\drivers\SerCx.sys
10:26:51.0482 0x08d8  SerCx - ok
10:26:51.0497 0x08d8  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum        C:\Windows\System32\drivers\serenum.sys
10:26:51.0529 0x08d8  Serenum - ok
10:26:51.0560 0x08d8  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\Windows\System32\drivers\serial.sys
10:26:51.0576 0x08d8  Serial - ok
10:26:51.0591 0x08d8  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
10:26:51.0591 0x08d8  sermouse - ok
10:26:51.0654 0x08d8  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:26:51.0669 0x08d8  SessionEnv - ok
10:26:51.0701 0x08d8  [ 415B1326C40A2E1F251A3845B9C7DF31, D7BD668962B71DC3877366EB0C0BD5CDB1FF564A5866EE58DB90838D78227AD6 ] SFEP            C:\Windows\System32\drivers\SFEP.sys
10:26:51.0716 0x08d8  SFEP - ok
10:26:51.0763 0x08d8  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy        C:\Windows\System32\drivers\sfloppy.sys
10:26:51.0779 0x08d8  sfloppy - ok
10:26:51.0810 0x08d8  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:26:51.0857 0x08d8  SharedAccess - ok
10:26:51.0904 0x08d8  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:26:51.0951 0x08d8  ShellHWDetection - ok
10:26:51.0982 0x08d8  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:26:51.0998 0x08d8  SiSRaid2 - ok
10:26:52.0044 0x08d8  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:26:52.0060 0x08d8  SiSRaid4 - ok
10:26:52.0091 0x08d8  [ 31EB63D59A3B097E12D07FAFD2D7A959, 8C0FC4123CB818C6C22C25C8A305B6ABC299E063C68ECA537F7D152AB932C97C ] SmbDrvI        C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
10:26:52.0107 0x08d8  SmbDrvI - ok
10:26:52.0154 0x08d8  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:26:52.0279 0x08d8  SNMPTRAP - ok
10:26:52.0388 0x08d8  [ 3CBFEE060A4FD306F783E1A14926C9AF, 67DF4B3E23DB18E8BC15301F83B1844EFF6BD8E885CA1590EBAAFBAA441968CB ] SOHCImp        C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
10:26:52.0404 0x08d8  SOHCImp - ok
10:26:52.0420 0x08d8  [ 06B3BFC6AB8E4731AEF2C85383486524, B03E69C0E883B863DACF251A8287D0A6043EFB4CA5CA5576EAEFA3E4486ECBEC ] SOHDms          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
10:26:52.0435 0x08d8  SOHDms - ok
10:26:52.0451 0x08d8  [ 3F3E0E389C03AAC4705BC03BFB2A8582, 0D5BF14F12BE6167ECE974BF114336576C38DF5B83D2889316A91381B26948EC ] SOHDs          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
10:26:52.0466 0x08d8  SOHDs - ok
10:26:52.0498 0x08d8  [ AA0F913B69BCEC9655ECAAA2312B29D9, 655D6E5B36ABC1C632096243F7FF55C4168A2009A5A43C8FDA5EFA67F972ADF3 ] SOWS            C:\Windows\System32\drivers\sows.sys
10:26:52.0529 0x08d8  SOWS - ok
10:26:52.0560 0x08d8  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport      C:\Windows\system32\drivers\spaceport.sys
10:26:52.0576 0x08d8  spaceport - ok
10:26:52.0591 0x08d8  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx          C:\Windows\system32\drivers\SpbCx.sys
10:26:52.0623 0x08d8  SpbCx - ok
10:26:52.0716 0x08d8  [ C03E480E63A80D73FABE28D24D3B6B47, F8C68DC63A5492587F9343158348ADD99A99AF34DC7ED29E5562EE90C0AB8F25 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
10:26:52.0748 0x08d8  SpfService - ok
10:26:52.0795 0x08d8  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler        C:\Windows\System32\spoolsv.exe
10:26:52.0841 0x08d8  Spooler - ok
10:26:53.0013 0x08d8  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\Windows\system32\sppsvc.exe
10:26:53.0216 0x08d8  sppsvc - ok
10:26:53.0326 0x08d8  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv            C:\Windows\system32\DRIVERS\srv.sys
10:26:53.0373 0x08d8  srv - ok
10:26:53.0420 0x08d8  [ B56A855B23676CCE05B626C6037FD02F, 3C0DCB16A96BD6A002A4FAF1AF939AF470D95137CB745F5DAD039B5D8C956E30 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:26:53.0467 0x08d8  srv2 - ok
10:26:53.0498 0x08d8  [ 78E9665C8DC59106D133CBEF0F0C3DE3, 380FD51EE00CEF3FFEF9BFB5E14538E084F1DDF8D8F8BCDF4EC23CB8C3A40D2F ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:26:53.0513 0x08d8  srvnet - ok
10:26:53.0560 0x08d8  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
10:26:53.0592 0x08d8  SSDPSRV - ok
10:26:53.0654 0x08d8  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc        C:\Windows\system32\sstpsvc.dll
10:26:53.0670 0x08d8  SstpSvc - ok
10:26:53.0701 0x08d8  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:26:53.0717 0x08d8  stexstor - ok
10:26:53.0779 0x08d8  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\Windows\System32\wiaservc.dll
10:26:53.0826 0x08d8  stisvc - ok
10:26:53.0873 0x08d8  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\Windows\system32\drivers\storahci.sys
10:26:53.0888 0x08d8  storahci - ok
10:26:53.0935 0x08d8  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt        C:\Windows\system32\DRIVERS\vmstorfl.sys
10:26:53.0951 0x08d8  storflt - ok
10:26:53.0998 0x08d8  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc        C:\Windows\system32\storsvc.dll
10:26:54.0013 0x08d8  StorSvc - ok
10:26:54.0060 0x08d8  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc        C:\Windows\system32\drivers\storvsc.sys
10:26:54.0107 0x08d8  storvsc - ok
10:26:54.0123 0x08d8  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc          C:\Windows\system32\svsvc.dll
10:26:54.0159 0x08d8  svsvc - ok
10:26:54.0175 0x08d8  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\Windows\System32\drivers\swenum.sys
10:26:54.0175 0x08d8  swenum - ok
10:26:54.0206 0x08d8  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv          C:\Windows\System32\swprv.dll
10:26:54.0253 0x08d8  swprv - ok
10:26:54.0300 0x08d8  [ 059AA9D476A71CCE202B023226B40C4A, 080F413ECB7AE1638EC99B0C5574285AC64621126C6BF1F71450A344C5BAC2C5 ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
10:26:54.0331 0x08d8  SynTP - ok
10:26:54.0409 0x08d8  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain        C:\Windows\system32\sysmain.dll
10:26:54.0472 0x08d8  SysMain - ok
10:26:54.0487 0x08d8  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
10:26:54.0518 0x08d8  SystemEventsBroker - ok
10:26:54.0581 0x08d8  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
10:26:54.0612 0x08d8  TabletInputService - ok
10:26:54.0643 0x08d8  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv        C:\Windows\System32\tapisrv.dll
10:26:54.0675 0x08d8  TapiSrv - ok
10:26:54.0768 0x08d8  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
10:26:54.0847 0x08d8  Tcpip - ok
10:26:54.0893 0x08d8  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:26:54.0972 0x08d8  TCPIP6 - ok
10:26:55.0003 0x08d8  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:26:55.0034 0x08d8  tcpipreg - ok
10:26:55.0034 0x08d8  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
10:26:55.0050 0x08d8  tdx - ok
10:26:55.0065 0x08d8  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
10:26:55.0081 0x08d8  terminpt - ok
10:26:55.0143 0x08d8  [ 2B3D2FDF50EDABEBE0A9E6F741C81858, F0C3A1DC968C5D28EF68BE4352577B4F8D4B4FB6274268DCCCD8A5C132DEC2F9 ] TermService    C:\Windows\System32\termsrv.dll
10:26:55.0175 0x08d8  TermService - ok
10:26:55.0237 0x08d8  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\Windows\system32\themeservice.dll
10:26:55.0269 0x08d8  Themes - ok
10:26:55.0316 0x08d8  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER    C:\Windows\system32\mmcss.dll
10:26:55.0327 0x08d8  THREADORDER - ok
10:26:55.0374 0x08d8  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
10:26:55.0405 0x08d8  TimeBroker - ok
10:26:55.0421 0x08d8  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM            C:\Windows\system32\drivers\tpm.sys
10:26:55.0436 0x08d8  TPM - ok
10:26:55.0468 0x08d8  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\Windows\System32\trkwks.dll
10:26:55.0483 0x08d8  TrkWks - ok
10:26:55.0561 0x08d8  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:26:55.0608 0x08d8  TrustedInstaller - ok
10:26:55.0640 0x08d8  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:26:55.0671 0x08d8  TsUsbFlt - ok
10:26:55.0686 0x08d8  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD        C:\Windows\System32\drivers\TsUsbGD.sys
10:26:55.0702 0x08d8  TsUsbGD - ok
10:26:55.0718 0x08d8  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:26:55.0733 0x08d8  tunnel - ok
10:26:55.0765 0x08d8  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:26:55.0765 0x08d8  uagp35 - ok
10:26:55.0796 0x08d8  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
10:26:55.0811 0x08d8  UASPStor - ok
10:26:55.0843 0x08d8  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
10:26:55.0858 0x08d8  UCX01000 - ok
10:26:55.0890 0x08d8  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:26:55.0905 0x08d8  udfs - ok
10:26:55.0936 0x08d8  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect      C:\Windows\system32\UI0Detect.exe
10:26:55.0952 0x08d8  UI0Detect - ok
10:26:55.0983 0x08d8  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:26:55.0999 0x08d8  uliagpkx - ok
10:26:56.0015 0x08d8  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus          C:\Windows\System32\drivers\umbus.sys
10:26:56.0046 0x08d8  umbus - ok
10:26:56.0046 0x08d8  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\Windows\System32\drivers\umpass.sys
10:26:56.0061 0x08d8  UmPass - ok
10:26:56.0108 0x08d8  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\Windows\System32\umrdp.dll
10:26:56.0140 0x08d8  UmRdpService - ok
10:26:56.0249 0x08d8  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:26:56.0265 0x08d8  UNS - ok
10:26:56.0343 0x08d8  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\Windows\System32\upnphost.dll
10:26:56.0358 0x08d8  upnphost - ok
10:26:56.0390 0x08d8  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp        C:\Windows\System32\drivers\usbccgp.sys
10:26:56.0421 0x08d8  usbccgp - ok
10:26:56.0452 0x08d8  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\Windows\System32\drivers\usbcir.sys
10:26:56.0452 0x08d8  usbcir - ok
10:26:56.0483 0x08d8  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci        C:\Windows\System32\drivers\usbehci.sys
10:26:56.0483 0x08d8  usbehci - ok
10:26:56.0515 0x08d8  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
10:26:56.0546 0x08d8  usbhub - ok
10:26:56.0577 0x08d8  [ FAAB461D5AEB21EE5FC5C0DBD6648223, 187EB7AC6CDE39621C587EB1551DBC358DE2BC7C8A4265DB817C9D6F5ADE54A3 ] USBHUB3        C:\Windows\System32\drivers\UsbHub3.sys
10:26:56.0608 0x08d8  USBHUB3 - ok
10:26:56.0624 0x08d8  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci        C:\Windows\System32\drivers\usbohci.sys
10:26:56.0655 0x08d8  usbohci - ok
10:26:56.0686 0x08d8  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
10:26:56.0718 0x08d8  usbprint - ok
10:26:56.0749 0x08d8  [ AD91D1BBE5D3CF4501887DC1C09384FD, ED9E27CD1D52401087427EC20E389FBE2497193483C2E53E8DE5D70DACF5D928 ] usbscan        C:\Windows\System32\drivers\usbscan.sys
10:26:56.0765 0x08d8  usbscan - ok
10:26:56.0780 0x08d8  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR        C:\Windows\System32\drivers\USBSTOR.SYS
10:26:56.0796 0x08d8  USBSTOR - ok
10:26:56.0827 0x08d8  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci        C:\Windows\System32\drivers\usbuhci.sys
10:26:56.0858 0x08d8  usbuhci - ok
10:26:56.0874 0x08d8  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:26:56.0890 0x08d8  usbvideo - ok
10:26:56.0921 0x08d8  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI        C:\Windows\System32\drivers\USBXHCI.SYS
10:26:56.0936 0x08d8  USBXHCI - ok
10:26:57.0030 0x08d8  [ 34349E7B488FA61B639117F6BF1EBF99, A7A7E60511F7D6370473D41867F5323695308CC27D3EEB0286687D3A9E0084E9 ] USER_ESRV_SVC  C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
10:26:57.0046 0x08d8  USER_ESRV_SVC - ok
10:26:57.0124 0x08d8  [ 1CA1DC88D9484BCFD6C26560F397539A, 95C2AB45D4682BB4F75F1D03D57CCA944BA570EFEA06E0AB71062C6E6E7C7F4A ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
10:26:57.0140 0x08d8  VAIO Event Service - ok
10:26:57.0218 0x08d8  [ 8EF62038EBD54C240486A36F9259C64A, D2EA5718C13D5E62DCA06013E67E651847172950ED7ED7CA7C25CC8422D54260 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
10:26:57.0233 0x08d8  VAIO Power Management - ok
10:26:57.0249 0x08d8  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\Windows\system32\lsass.exe
10:26:57.0265 0x08d8  VaultSvc - ok
10:26:57.0374 0x08d8  [ 3B00B812D4E88FEA3F557DFC07BE415C, CC30E0696584FCB6AE2579F20458D8BC5747D5E16860D62D444BCA45DE2491AB ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
10:26:57.0405 0x08d8  VCFw - detected UnsignedFile.Multi.Generic ( 1 )
10:26:59.0882 0x08d8  VCFw ( UnsignedFile.Multi.Generic ) - warning
10:26:59.0882 0x08d8  Force sending object to P2P due to detect: VCFw
10:27:02.0633 0x08d8  Object send P2P result: true
10:27:05.0133 0x08d8  [ 0D53D30C8473EEDC1757FDA3C511103B, 54E1AE2CCD71AD446F373DD8E19382D81CA2BC9AEEE326CF5BF020AD3C5F58AB ] VCService      C:\Program Files\Sony\VAIO Care\VCService.exe
10:27:05.0148 0x08d8  VCService - ok
10:27:05.0195 0x08d8  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:27:05.0195 0x08d8  vdrvroot - ok
10:27:05.0242 0x08d8  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds            C:\Windows\System32\vds.exe
10:27:05.0289 0x08d8  vds - ok
10:27:05.0320 0x08d8  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt    C:\Windows\system32\drivers\VerifierExt.sys
10:27:05.0320 0x08d8  VerifierExt - ok
10:27:05.0351 0x08d8  [ D4051AA2ACD38AABF9DEC24B8A331EB1, 377D5DD98E4E09F3CCC330852F9FD9E4CC2069AE1A1C1AFBC90002FE3101708B ] vhdmp          C:\Windows\System32\drivers\vhdmp.sys
10:27:05.0383 0x08d8  vhdmp - ok
10:27:05.0430 0x08d8  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:27:05.0445 0x08d8  viaide - ok
10:27:05.0461 0x08d8  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus          C:\Windows\system32\drivers\vmbus.sys
10:27:05.0476 0x08d8  vmbus - ok
10:27:05.0492 0x08d8  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
10:27:05.0508 0x08d8  VMBusHID - ok
10:27:05.0539 0x08d8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat  C:\Windows\System32\ICSvc.dll
10:27:05.0570 0x08d8  vmicheartbeat - ok
10:27:05.0570 0x08d8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
10:27:05.0586 0x08d8  vmickvpexchange - ok
10:27:05.0617 0x08d8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv        C:\Windows\System32\ICSvc.dll
10:27:05.0633 0x08d8  vmicrdv - ok
10:27:05.0648 0x08d8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\Windows\System32\ICSvc.dll
10:27:05.0664 0x08d8  vmicshutdown - ok
10:27:05.0680 0x08d8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\Windows\System32\ICSvc.dll
10:27:05.0695 0x08d8  vmictimesync - ok
10:27:05.0695 0x08d8  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss        C:\Windows\System32\ICSvc.dll
10:27:05.0726 0x08d8  vmicvss - ok
10:27:05.0742 0x08d8  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:27:05.0742 0x08d8  volmgr - ok
10:27:05.0773 0x08d8  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
10:27:05.0789 0x08d8  volmgrx - ok
10:27:05.0836 0x08d8  [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
10:27:05.0851 0x08d8  volsnap - ok
10:27:05.0867 0x08d8  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\Windows\System32\drivers\vpci.sys
10:27:05.0867 0x08d8  vpci - ok
10:27:05.0898 0x08d8  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
10:27:05.0898 0x08d8  vsmraid - ok
10:27:05.0976 0x08d8  [ FE37051171F3B90B18037FDBAC5B9D76, F220D71512E059F298F3CD958D69BE7225A8E8D492387347E75A0E615159782A ] VSS            C:\Windows\system32\vssvc.exe
10:27:06.0023 0x08d8  VSS - ok
10:27:06.0070 0x08d8  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
10:27:06.0086 0x08d8  VSTXRAID - ok
10:27:06.0211 0x08d8  [ C1FAE2E81955DCCD79034A23EC4F3F37, 61B6477C6068B5542D3EE9C6336FBD7589F1CFFD3E850473A539619033533286 ] VUAgent        C:\Program Files\Sony\VAIO Update\vuagent.exe
10:27:06.0258 0x08d8  VUAgent - ok
10:27:06.0289 0x08d8  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:27:06.0289 0x08d8  vwifibus - ok
10:27:06.0305 0x08d8  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:27:06.0320 0x08d8  vwififlt - ok
10:27:06.0320 0x08d8  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
10:27:06.0351 0x08d8  vwifimp - ok
10:27:06.0383 0x08d8  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time        C:\Windows\system32\w32time.dll
10:27:06.0414 0x08d8  W32Time - ok
10:27:06.0445 0x08d8  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
10:27:06.0476 0x08d8  WacomPen - ok
10:27:06.0508 0x08d8  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:27:06.0539 0x08d8  Wanarp - ok
10:27:06.0539 0x08d8  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:27:06.0555 0x08d8  Wanarpv6 - ok
10:27:06.0617 0x08d8  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\Windows\system32\wbengine.exe
10:27:06.0680 0x08d8  wbengine - ok
10:27:06.0711 0x08d8  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:27:06.0742 0x08d8  WbioSrvc - ok
10:27:06.0805 0x08d8  [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
10:27:06.0852 0x08d8  Wcmsvc - ok
10:27:06.0930 0x08d8  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
10:27:06.0961 0x08d8  wcncsvc - ok
10:27:07.0008 0x08d8  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:27:07.0023 0x08d8  WcsPlugInService - ok
10:27:07.0055 0x08d8  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\Windows\system32\drivers\wd.sys
10:27:07.0055 0x08d8  Wd - ok
10:27:07.0102 0x08d8  [ 5A416C253D2C50327928ABC4A1D8A0F2, A3A41F3E6229D86F85F68062BBEA38290FB78B3D3F0D8DF3B6C01FF5B93A9F16 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
10:27:07.0102 0x08d8  WdBoot - ok
10:27:07.0148 0x08d8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:27:07.0180 0x08d8  Wdf01000 - ok
10:27:07.0211 0x08d8  [ 6FBA6CD2348DEC440D0C6D511C55F3FE, 0CB50B57D9C6E56B20FA8777540E2C8C5702753758075DA4C310A7B2B2F8A352 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
10:27:07.0227 0x08d8  WdFilter - ok
10:27:07.0258 0x08d8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:27:07.0273 0x08d8  WdiServiceHost - ok
10:27:07.0289 0x08d8  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost  C:\Windows\system32\wdi.dll
10:27:07.0305 0x08d8  WdiSystemHost - ok
10:27:07.0336 0x08d8  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient      C:\Windows\System32\webclnt.dll
10:27:07.0367 0x08d8  WebClient - ok
10:27:07.0398 0x08d8  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:27:07.0430 0x08d8  Wecsvc - ok
10:27:07.0445 0x08d8  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
10:27:07.0477 0x08d8  wercplsupport - ok
10:27:07.0492 0x08d8  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:27:07.0508 0x08d8  WerSvc - ok
10:27:07.0555 0x08d8  [ 8FDA12E934C7BB7CC317F90FC70DC4FC, AA0DA063BCE5692DFD46F0AAE07727B38D4AA87A9BAEBAFF137F9CAAF2808EC0 ] WFPLWFS        C:\Windows\system32\DRIVERS\wfplwfs.sys
10:27:07.0555 0x08d8  WFPLWFS - ok
10:27:07.0602 0x08d8  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\Windows\System32\wiarpc.dll
10:27:07.0617 0x08d8  WiaRpc - ok
10:27:07.0648 0x08d8  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:27:07.0664 0x08d8  WIMMount - ok
10:27:07.0695 0x08d8  WinDefend - ok
10:27:07.0758 0x08d8  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
10:27:07.0789 0x08d8  WinHttpAutoProxySvc - ok
10:27:07.0867 0x08d8  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
10:27:07.0899 0x08d8  Winmgmt - ok
10:27:07.0992 0x08d8  [ 89DA335401D956F2696E35A38817BE19, D5A8D5C0BE285564AB0DF1B4594FE612359C72BE3B64063C3460BB73AA34F413 ] WinRM          C:\Windows\system32\WsmSvc.dll
10:27:08.0102 0x08d8  WinRM - ok
10:27:08.0180 0x08d8  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc        C:\Windows\System32\wlansvc.dll
10:27:08.0227 0x08d8  WlanSvc - ok
10:27:08.0305 0x08d8  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc        C:\Windows\system32\wlidsvc.dll
10:27:08.0367 0x08d8  wlidsvc - ok
10:27:08.0399 0x08d8  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi        C:\Windows\System32\drivers\wmiacpi.sys
10:27:08.0399 0x08d8  WmiAcpi - ok
10:27:08.0445 0x08d8  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:27:08.0461 0x08d8  wmiApSrv - ok
10:27:08.0492 0x08d8  WMPNetworkSvc - ok
10:27:08.0539 0x08d8  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr        C:\Windows\system32\DRIVERS\wpcfltr.sys
10:27:08.0555 0x08d8  wpcfltr - ok
10:27:08.0570 0x08d8  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:27:08.0586 0x08d8  WPCSvc - ok
10:27:08.0633 0x08d8  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:27:08.0664 0x08d8  WPDBusEnum - ok
10:27:08.0680 0x08d8  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr      C:\Windows\system32\drivers\WpdUpFltr.sys
10:27:08.0711 0x08d8  WpdUpFltr - ok
10:27:08.0742 0x08d8  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
10:27:08.0774 0x08d8  ws2ifsl - ok
10:27:08.0805 0x08d8  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\Windows\System32\wscsvc.dll
10:27:08.0820 0x08d8  wscsvc - ok
10:27:08.0820 0x08d8  WSearch - ok
10:27:08.0930 0x08d8  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService      C:\Windows\System32\WSService.dll
10:27:09.0008 0x08d8  WSService - ok
10:27:09.0149 0x08d8  [ C5B45464B98F211FE58AEE62CFF21F05, A0AB6142F35707102B75C9C29A749C7EB12CB6F5E85E6BA67C5B961AF7EB3BE8 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:27:09.0242 0x08d8  wuauserv - ok
10:27:09.0274 0x08d8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:27:09.0305 0x08d8  WudfPf - ok
10:27:09.0305 0x08d8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
10:27:09.0336 0x08d8  WUDFRd - ok
10:27:09.0352 0x08d8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
10:27:09.0367 0x08d8  WUDFSensorLP - ok
10:27:09.0399 0x08d8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
10:27:09.0430 0x08d8  wudfsvc - ok
10:27:09.0446 0x08d8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs      C:\Windows\system32\DRIVERS\WUDFRd.sys
10:27:09.0461 0x08d8  WUDFWpdFs - ok
10:27:09.0492 0x08d8  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc        C:\Windows\System32\wwansvc.dll
10:27:09.0524 0x08d8  WwanSvc - ok
10:27:09.0602 0x08d8  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
10:27:09.0633 0x08d8  ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
10:27:11.0988 0x08d8  Detect skipped due to KSN trusted
10:27:11.0988 0x08d8  ZAtheros Bt and Wlan Coex Agent - ok
10:27:12.0004 0x08d8  ================ Scan global ===============================
10:27:12.0113 0x08d8  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
10:27:12.0160 0x08d8  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
10:27:12.0208 0x08d8  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
10:27:12.0255 0x08d8  [ B6AEF1771CCA54B67DA4932753F74124, 83A353CAC6111C16EB880345E7D89DC9D56F0A3C79F854A4BB7DBABF7270C29F ] C:\Windows\system32\services.exe
10:27:12.0270 0x08d8  [ Global ] - ok
10:27:12.0270 0x08d8  ================ Scan MBR ==================================
10:27:12.0286 0x08d8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
10:27:12.0374 0x08d8  \Device\Harddisk0\DR0 - ok
10:27:12.0374 0x08d8  ================ Scan VBR ==================================
10:27:12.0378 0x08d8  [ F38E0FB475392BAF5B4250A17C7EDA02 ] \Device\Harddisk0\DR0\Partition1
10:27:12.0413 0x08d8  \Device\Harddisk0\DR0\Partition1 - ok
10:27:12.0427 0x08d8  [ 7A43A54DC5D63A9DD5B82E29FA1DEA31 ] \Device\Harddisk0\DR0\Partition2
10:27:12.0440 0x08d8  \Device\Harddisk0\DR0\Partition2 - ok
10:27:12.0458 0x08d8  [ C9991433A38E8A394D93D720CAB68013 ] \Device\Harddisk0\DR0\Partition3
10:27:12.0474 0x08d8  \Device\Harddisk0\DR0\Partition3 - ok
10:27:12.0490 0x08d8  [ CA139E4C6472338501A1B6ACD959D7E8 ] \Device\Harddisk0\DR0\Partition4
10:27:12.0490 0x08d8  \Device\Harddisk0\DR0\Partition4 - ok
10:27:12.0505 0x08d8  [ 99E53F60A582226485F9EF26C74FD1B4 ] \Device\Harddisk0\DR0\Partition5
10:27:12.0521 0x08d8  \Device\Harddisk0\DR0\Partition5 - ok
10:27:12.0552 0x08d8  [ 9FBEBEFE7AB1E417574FB7BEC629F1C3 ] \Device\Harddisk0\DR0\Partition6
10:27:12.0568 0x08d8  \Device\Harddisk0\DR0\Partition6 - ok
10:27:12.0568 0x08d8  ================ Scan generic autorun ======================
10:27:12.0694 0x08d8  [ 5E53A66C680A06E26B1234CB0C3CD99B, D782E724FF487459704BFA2BC5BA5E6E7E85BC9D71ECF68BE78F9C74449EB207 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
10:27:12.0725 0x08d8  RtHDVBg - ok
10:27:12.0757 0x08d8  [ ED47206E302E15253484AA9224362BFF, 33BF57956E50E72B547867EF462AF760F7E75675F6E5824204E21D8A748CE913 ] C:\Windows\system32\igfxtray.exe
10:27:12.0772 0x08d8  IgfxTray - ok
10:27:12.0803 0x08d8  [ F8F3CA80B4166EFF94A0882796789C64, 5EA9E83DCF10ABCBA8047B34846B470010DDDABC2B2DCBA1CA8098E1BC3A835F ] C:\Windows\system32\hkcmd.exe
10:27:12.0819 0x08d8  HotKeysCmds - ok
10:27:12.0850 0x08d8  [ 4918B31964E8FCFAE47E6786A75D21A1, E22F35E8E1223516D93AC8E8BB4C356BB3B36641E9EE800D5C88463BF27C17D7 ] C:\Windows\system32\igfxpers.exe
10:27:12.0866 0x08d8  Persistence - ok
10:27:12.0866 0x08d8  SynTPEnh - ok
10:27:12.0929 0x08d8  [ 690EB331346D7ADFDA18E50042DEA4B4, 0C219D7A5FCD4E0252C815373E67F843DBD7356FAE7AB836C451068B51438FE7 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
10:27:12.0941 0x08d8  Classic Start Menu - ok
10:27:13.0027 0x08d8  [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
10:27:13.0062 0x08d8  mcui_exe - ok
10:27:13.0097 0x08d8  [ 2E2F360FF158A67F8128EFAAF974189C, 5EDAAF7CCF381B5E767030F2DC52C37F972C4EA36F33BD7D9C422F74AF232DDD ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
10:27:13.0113 0x08d8  ISBMgr.exe - ok
10:27:13.0175 0x08d8  [ 717CECF8A6F55295A2A8B9ED4C64D800, DFB90D541F7EC5E23159B31E1E103DA4418B121E8C384CE054111A5FAFFE3CD5 ] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
10:27:13.0206 0x08d8  PMBVolumeWatcher - ok
10:27:13.0300 0x08d8  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:27:13.0333 0x08d8  Adobe ARM - ok
10:27:13.0414 0x08d8  [ 49CD8D25D932C5BF867EBFF00D432B75, D107F7736AC8D43CE93ABDE1A8038D8FE87779F25F41B3FD1E942DF439581236 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
10:27:13.0428 0x08d8  Intel AppUp(R) center - ok
10:27:13.0462 0x08d8  [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
10:27:13.0482 0x08d8  mcpltui_exe - ok
10:27:13.0579 0x08d8  [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\dd\AppData\Local\Facebook\Update\FacebookUpdate.exe
10:27:13.0594 0x08d8  Facebook Update - ok
10:27:13.0594 0x08d8  Waiting for KSN requests completion. In queue: 80
10:27:14.0615 0x08d8  Waiting for KSN requests completion. In queue: 80
10:27:15.0624 0x08d8  Waiting for KSN requests completion. In queue: 80
10:27:16.0685 0x08d8  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x54000 ( disabled : updated )
10:27:16.0685 0x08d8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
10:27:16.0685 0x08d8  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x52010 ( disabled )
10:27:16.0747 0x08d8  Win FW state via NFP2: enabled
10:27:19.0122 0x08d8  ============================================================
10:27:19.0122 0x08d8  Scan finished
10:27:19.0122 0x08d8  ============================================================
10:27:19.0122 0x14dc  Detected object count: 1
10:27:19.0122 0x14dc  Actual detected object count: 1
10:29:08.0043 0x14dc  VCFw ( UnsignedFile.Multi.Generic ) - skipped by user
10:29:08.0043 0x14dc  VCFw ( UnsignedFile.Multi.Generic ) - User select action: Skip


schrauber 05.05.2015 10:47

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

dan4550 29.05.2015 20:40

Hello schrauber,
first of all I would like to thank you very much for your last reply and apologize for my late response.
Here are the 3 logs I was asked to create:

Regards
Daniel


Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by dd (administrator) on DOROTHEA on 29-05-2015 21:25:38
Running from C:\Users\dd\Desktop
Loaded Profiles: dd (Available Profiles: Dorothea Röger & dd & Administrator)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Atheros Communications)
HKU\S-1-5-21-1182488276-301210562-3317401335-1004\...\Run: [Facebook Update] => C:\Users\dd\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-12-20] (Facebook Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-04-10]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audials One 12.lnk [2015-04-08]
ShortcutTarget: Audials One 12.lnk -> C:\ProgramData\{18cb70ed-fbb3-231a-18cb-b70edfbbc3b7}\Audials One 12.exe (No File)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1182488276-301210562-3317401335-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-1182488276-301210562-3317401335-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\tg2jj20g.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-18] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-05-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-05-09] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1182488276-301210562-3317401335-1004: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\dd\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Extension: Adblock Plus - C:\Users\dd\AppData\Roaming\Mozilla\Firefox\Profiles\tg2jj20g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-10]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-05-02]
CHR Extension: (YouTube) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-07]
CHR Extension: (Google Search) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-07]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2015-04-18]
CHR Extension: (Bookmark Manager DEV) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-17]
CHR Extension: (Gmail) - C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [File not signed]
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
S2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 21:25 - 2015-05-29 21:25 - 00000000 ____D () C:\Users\dd\Desktop\FRST-OlderVersion
2015-05-29 21:19 - 2015-05-29 21:19 - 00001888 _____ () C:\Users\dd\Desktop\JRT.txt
2015-05-29 21:17 - 2015-05-29 21:17 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-DOROTHEA-Windows-8-(64-bit).dat
2015-05-29 21:16 - 2015-05-29 21:16 - 00000000 ____D () C:\RegBackup
2015-05-29 21:13 - 2015-05-29 21:13 - 02948651 _____ (Thisisu) C:\Users\dd\Desktop\JRT.exe
2015-05-29 20:58 - 2015-05-29 21:01 - 00000000 ____D () C:\AdwCleaner
2015-05-29 20:54 - 2015-05-29 20:54 - 00000000 ____D () C:\Users\dd\Desktop\httpwww.trojaner-board.de166672-windows-8-datentraeger-0-c-staendig-100-leistung-laptop-sehr-langsam.html#post1462739
2015-05-29 20:49 - 2015-05-29 20:49 - 02222592 _____ () C:\Users\dd\Desktop\AdwCleaner_4.205.exe
2015-05-28 15:51 - 2015-05-28 15:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-05-28 15:51 - 2015-05-28 15:51 - 00000000 ____D () C:\Windows\LastGood
2015-05-28 13:11 - 2015-05-28 15:44 - 00000000 ____D () C:\ProgramData\Synaptics
2015-05-28 13:11 - 2015-05-28 13:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-05-28 13:10 - 2015-05-28 13:11 - 00000000 ____D () C:\Windows\LastGood.Tmp
2015-05-27 11:13 - 2015-05-27 11:13 - 01804696 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00626888 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 00419528 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00267976 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00249032 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo27.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-05-26 14:49 - 2015-05-26 14:49 - 00000000 ____D () C:\Users\dd\Desktop\1und1 kundenrückgewinnung 08003332232
2015-05-17 00:00 - 2015-05-17 00:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-15 13:59 - 2015-05-15 13:59 - 00000000 ____D () C:\ProgramData\Sony
2015-05-13 12:34 - 2015-04-30 15:07 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:34 - 2015-04-30 15:07 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:29 - 2015-04-13 07:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 12:29 - 2015-04-13 07:30 - 01839616 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 12:29 - 2015-04-13 07:30 - 01280512 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 12:29 - 2015-04-13 06:05 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 12:29 - 2015-04-13 05:25 - 04063744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 12:29 - 2015-03-12 07:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 14374400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 13771776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 12:28 - 2015-04-21 16:33 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 12:28 - 2015-04-21 16:32 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 12:28 - 2015-04-21 15:53 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 12:28 - 2015-04-21 15:53 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 12:28 - 2015-04-21 15:53 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 12:28 - 2015-04-21 15:52 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 12:28 - 2015-04-21 15:52 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 12:28 - 2015-04-21 15:52 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 12:28 - 2015-04-21 15:52 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 12:28 - 2015-04-21 15:52 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 12:28 - 2015-04-21 15:52 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 12:28 - 2015-04-21 15:52 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 12:28 - 2015-04-21 15:52 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 12:28 - 2015-04-21 15:52 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 12:28 - 2015-04-21 15:52 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 12:28 - 2015-04-21 15:52 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 12:28 - 2015-04-18 04:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 12:28 - 2015-04-18 04:34 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 12:27 - 2015-05-02 08:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 12:27 - 2015-05-02 05:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 12:27 - 2015-05-02 05:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 12:27 - 2015-04-14 00:09 - 00570248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 12:27 - 2015-04-06 07:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-13 12:27 - 2015-04-06 06:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 12:27 - 2015-03-14 02:55 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-13 12:27 - 2015-03-12 07:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 12:27 - 2015-03-12 07:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2015-05-13 12:27 - 2015-03-12 05:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 12:27 - 2015-03-04 08:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 12:27 - 2015-03-04 08:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 12:27 - 2015-03-04 08:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 12:27 - 2015-03-04 06:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 12:27 - 2015-03-04 06:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 12:27 - 2015-02-18 09:39 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 12:27 - 2015-02-18 09:38 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-05-12 16:07 - 2015-05-12 16:07 - 00000000 ____D () C:\Users\dd\Desktop\auf www.tedi.com bewerben unter karriere
2015-05-12 15:59 - 2015-05-12 15:59 - 00000000 ____D () C:\Users\dd\Desktop\joeys langenhahn ab 17uhr  0911  92383150
2015-05-12 15:34 - 2015-05-12 15:34 - 00000000 ____D () C:\Users\dd\Desktop\admiral kino  für gleich für gastro bewerben  ab september für alles  angeben dass ich mit sarah telefoniert hab  bewerbung per email an frau mattern
2015-05-12 12:48 - 2015-05-12 12:48 - 00000000 ____D () C:\Users\dd\Desktop\meine sachbearbeiterin bei der metzinger bkk 07141 299597303  leistungsfragen 07141  299597312
2015-05-12 03:13 - 2015-05-29 20:11 - 00000000 ____D () C:\Users\HomeGroupUser$
2015-05-12 03:13 - 2015-05-29 20:11 - 00000000 ____D () C:\Users\Gast
2015-05-12 03:13 - 2015-05-12 03:13 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Packages
2015-05-12 03:13 - 2015-05-12 03:13 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2015-05-11 11:35 - 2015-05-11 11:35 - 00000000 ____D () C:\Users\dd\Desktop\andrea.kirstgen@querzola.demichael797mui208
2015-05-05 09:59 - 2015-05-05 09:59 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\dd\Desktop\tdsskiller.exe
2015-05-05 03:05 - 2015-05-05 03:05 - 00002292 _____ () C:\Users\dd\Desktop\gmer.log
2015-05-05 02:50 - 2015-05-05 02:50 - 00380416 _____ () C:\Users\dd\Desktop\Gmer-19357.exe
2015-05-05 02:49 - 2015-05-05 02:49 - 00033273 _____ () C:\Users\dd\Desktop\Addition.txt
2015-05-05 02:48 - 2015-05-29 21:25 - 00015540 _____ () C:\Users\dd\Desktop\FRST.txt
2015-05-05 02:47 - 2015-05-29 21:25 - 00000000 ____D () C:\FRST
2015-05-05 02:46 - 2015-05-29 21:25 - 02108928 _____ (Farbar) C:\Users\dd\Desktop\FRST64.exe
2015-05-05 02:43 - 2015-05-05 02:44 - 00000466 _____ () C:\Users\dd\Desktop\defogger_disable.log
2015-05-05 02:43 - 2015-05-05 02:43 - 00000000 _____ () C:\Users\dd\defogger_reenable
2015-05-05 02:41 - 2015-05-05 02:41 - 00050477 _____ () C:\Users\dd\Desktop\Defogger.exe
2015-05-05 00:47 - 2015-05-05 00:47 - 00001456 _____ () C:\Users\dd\Desktop\mbam.txt
2015-04-30 06:00 - 2015-04-30 06:00 - 00002401 _____ () C:\Users\dd\Desktop\Market Leader Upper-Intermediate 3rd Edition.lnk
2015-04-30 06:00 - 2015-04-30 06:00 - 00000000 __SHD () C:\Windows\ftpcache
2015-04-30 06:00 - 2015-04-30 06:00 - 00000000 ___HD () C:\Program Files (x86)\InstallJammer Registry
2015-04-30 05:58 - 2015-04-30 05:58 - 00000000 ____D () C:\Users\dd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pearson
2015-04-30 05:47 - 2015-04-30 05:47 - 00000000 ____D () C:\Program Files (x86)\Pearson

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 21:11 - 2013-05-08 23:24 - 01512703 _____ () C:\Windows\WindowsUpdate.log
2015-05-29 21:08 - 2014-09-05 13:18 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1182488276-301210562-3317401335-1004
2015-05-29 21:04 - 2015-04-09 14:58 - 00000000 ____D () C:\Users\dd\AppData\Roaming\ClassicShell
2015-05-29 21:03 - 2015-04-07 18:34 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-29 21:03 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 21:02 - 2015-04-18 13:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-29 21:02 - 2013-05-09 00:12 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-05-29 21:02 - 2012-08-03 04:22 - 00027882 _____ () C:\Windows\PFRO.log
2015-05-29 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2015-05-29 20:44 - 2015-04-07 18:34 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-29 20:22 - 2014-12-20 00:17 - 00000934 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1182488276-301210562-3317401335-1004UA.job
2015-05-29 20:17 - 2013-05-09 00:38 - 00000000 ____D () C:\Program Files\McAfeeEx
2015-05-29 20:13 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-05-29 20:04 - 2012-07-26 07:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-29 16:40 - 2015-03-22 21:38 - 00000000 ____D () C:\Users\dd\Desktop\Neuer Ordner
2015-05-28 23:22 - 2014-12-20 00:17 - 00000912 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1182488276-301210562-3317401335-1004Core.job
2015-05-28 15:51 - 2013-05-08 23:57 - 00030452 _____ () C:\Windows\DPINST.LOG
2015-05-28 15:51 - 2012-07-26 09:21 - 00356822 _____ () C:\Windows\setupact.log
2015-05-28 15:51 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-28 15:50 - 2015-04-09 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-27 21:16 - 2014-09-08 09:49 - 00000000 ____D () C:\Users\dd\AppData\Local\CrashDumps
2015-05-27 11:13 - 2012-10-23 22:06 - 00764104 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2015-05-17 16:39 - 2015-04-07 18:34 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 16:39 - 2015-04-07 18:34 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-17 14:01 - 2013-05-09 00:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-16 15:33 - 2015-03-18 09:29 - 00319720 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-16 15:32 - 2015-04-07 23:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-16 15:32 - 2015-04-07 23:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-16 15:28 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-16 15:28 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-16 15:28 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-15 14:06 - 2015-04-23 20:15 - 00000000 ____D () C:\Users\dd\AppData\Roaming\iolo
2015-05-15 13:59 - 2013-05-09 00:15 - 00000000 ____D () C:\Program Files\Sony
2015-05-15 13:59 - 2013-05-09 00:15 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-05-13 12:48 - 2014-09-05 23:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 12:34 - 2014-09-05 23:05 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 12:31 - 2015-04-07 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 03:13 - 2013-09-16 22:59 - 00000000 ____D () C:\Update
2015-05-12 03:13 - 2012-08-03 04:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2015-05-05 19:49 - 2015-02-06 16:20 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:49 - 2015-02-06 16:20 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-05 02:43 - 2014-09-05 00:47 - 00000000 ____D () C:\Users\dd
2015-05-05 01:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2015-05-05 00:13 - 2015-04-08 14:25 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-01 13:14 - 2013-05-09 00:14 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2015-05-01 13:14 - 2013-05-09 00:14 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2015-05-01 13:14 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\dd\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\dd\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\dd\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\dd\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\dd\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\dd\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\dd\AppData\Local\ogg.dll
2015-04-08 01:05 - 2015-04-09 20:17 - 0001489 _____ () C:\Users\dd\AppData\Local\RecConfig.xml
2015-04-08 14:14 - 2015-04-08 14:14 - 0011772 _____ () C:\Users\dd\AppData\Local\Temp-log.txt
2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\dd\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\dd\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\dd\AppData\Local\vorbisfile.dll
2015-04-09 19:40 - 2015-04-09 19:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\dd\AppData\Local\Temp\0206831432923072mcinst.exe
C:\Users\dd\AppData\Local\Temp\Quarantine.exe
C:\Users\dd\AppData\Local\Temp\sqlite3.dll
C:\Users\dd\AppData\Local\Temp\tmpA2FB.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-27 10:24

==================== End of log ============================




Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.4 (05.29.2015:1)
OS: Windows 8 x64
Ran by dd on 29.05.2015 at 21:16:47,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\dd\appdata\local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage
Successfully deleted: [File] C:\Users\dd\appdata\local\google\chrome\user data\default\local storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\18061483429812477594



~~~ Chrome

Failed to delete: [Folder] C:\Users\dd\appdata\local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio

[C:\Users\dd\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\dd\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
gkojfkhlekighikafcpjkiklfbnlmeio
icpgjfneehieebagbmdbhnlpiopdcmna

[C:\Users\dd\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\dd\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  bopakagnckmlgajfccecajhnimjiiedh,
  gkojfkhlekighikafcpjkiklfbnlmeio,
  icpgjfneehieebagbmdbhnlpiopdcmna
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.05.2015 at 21:19:28,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Code:

# AdwCleaner v4.205 - Bericht erstellt 29/05/2015 um 21:01:43
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-25.3 [Server]
# Betriebssystem : Windows 8  (x64)
# Benutzername : dd - DOROTHEA
# Gestarted von : C:\Users\dd\Desktop\AdwCleaner_4.205.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : 0206831432923072mcinstcleanup

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\{18cb70ed-fbb3-231a-18cb-b70edfbbc3b7}
Ordner Gelöscht : C:\ProgramData\{4d1e6255-623a-349b-4d1e-e62556238955}
Ordner Gelöscht : C:\Program Files (x86)\bestadblocker
Ordner Gelöscht : C:\Program Files (x86)\SalePelus
Ordner Gelöscht : C:\Program Files (x86)\SaulePlus
Ordner Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna
Ordner Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Ordner Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Ordner Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Ordner Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Ordner Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejcnhmeicafddjdaeecddemnhnomiaai
Ordner Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
[/!\] Nicht Gelöscht ( Junction ) : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna
Ordner Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Ordner Gelöscht : C:\ProgramData\dpjmahebnogcclmemjfpppkoebfbnjnp
Datei Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\icpgjfneehieebagbmdbhnlpiopdcmna
Datei Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cfhdojbkjhnklbpkdaibdccddilifddb_0.localstorage
Datei Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cfhdojbkjhnklbpkdaibdccddilifddb_0.localstorage-journal
Datei Gelöscht : C:\Users\dd\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\icpgjfneehieebagbmdbhnlpiopdcmna
Datei Gelöscht : C:\Users\Administrator\Favorites\eBay.lnk

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E7E31D58-524A-497F-BDA0-7C1B4D0E7D8D}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBit
Schlüssel Gelöscht : HKLM\SOFTWARE\AIM Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey

***** [ Internetbrowser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v38.0.1 (x86 de)


-\\ Google Chrome v43.0.2357.81


*************************

AdwCleaner[R0].txt - [4097 Bytes] - [29/05/2015 20:59:38]
AdwCleaner[S0].txt - [3785 Bytes] - [29/05/2015 21:01:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3844  Bytes] ##########


schrauber 30.05.2015 14:13


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left? :)

