Trojaner-Board

Gema Trojaner paysafe card (https://www.trojaner-board.de/117202-gema-trojaner-paysafe-card.html)

cosinus 25.06.2012 16:15

Please now run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) scanned!
Remember that Malwarebytes has to be updated manually before every scan!

Please have Malwarebytes remove all of its finds so that they are kept in the Malwarebytes quarantine! Do NOT hastily delete anything from the quarantine!

If logs from older Malwarebytes scans exist, please post all of those as well!




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything in CODE tags here if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Martin_H 26.06.2012 12:42

So, here are the logs from Malwarebytes (I ran 2 scans because the first one found nothing; the second one, however, found nothing either):
Log 1:
Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.25.08

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Frederik :: FREDERIK-VAIO [Administrator]

Schutz: Aktiviert

25.06.2012 17:48:18
mbam-log-2012-06-25 (17-48-18).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 503198
Laufzeit: 2 Stunde(n), 2 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Log 2:
Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.25.08

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Frederik :: FREDERIK-VAIO [Administrator]

Schutz: Aktiviert

26.06.2012 06:46:19
mbam-log-2012-06-26 (06-46-19).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 503097
Laufzeit: 1 Stunde(n), 55 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Here is the log from ESET:
Code:

ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=6bc743879891d448ae8062c40b91b5eb
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-25 10:12:31
# local_time=2012-06-26 12:12:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 21991557 21991557 0 0
# compatibility_mode=5893 16776573 100 94 14426 92285591 0 0
# compatibility_mode=8192 67108863 100 0 8513 8513 0 0
# scanned=293305
# found=4
# cleaned=0
# scan_time=6609
C:\Users\Frederik\AppData\Local\Temp\SetupDataMngr_Searchqu.exe        a variant of Win32/Toolbar.SearchSuite application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Frederik\AppData\Local\Temp\V.class        a variant of Java/Agent.EQ trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Frederik\AppData\Local\Temp\InstallShare31934\bab_setup.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Frederik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\2dc6857b-295957be        Java/Exploit.Agent.NCI trojan (unable to clean)        00000000000000000000000000000000        I
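
An added example, not part of the thread and not ESET's own tooling: a small Python parser for the log.txt layout posted above, which separates potentially unwanted applications from trojan detections and flags hits in the Java plug-in cache. The sample log is constructed (made-up user and file names), and the field layout is an assumption inferred from the posted log.

```python
import re

# Constructed sample in the layout of the log.txt posted above; the user name,
# file names and header counts are made up for this example.
SAMPLE_LOG = r"""# version=7
# remove_checked=false
# unwanted_checked=true
# scanned=1000
# found=3
# cleaned=0
C:\Users\Example\AppData\Local\Temp\toolbar_setup.exe        a variant of Win32/Toolbar.SearchSuite application (unable to clean)        00000000000000000000000000000000        I
C:\Users\Example\AppData\Local\Temp\V.class        a variant of Java/Agent.EQ trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Example\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\0a1b2c3d-4e5f6a7b        Java/Exploit.Agent.NCI trojan (unable to clean)        00000000000000000000000000000000        I
"""

# Assumed shape of the detection column, inferred from the posted log:
# "<optional variant prefix><Platform/Family.Variant> <type> (<action>)"
DETECTION_RE = re.compile(
    r"^(?P<variant>(?:probably )?a variant of )?"
    r"(?P<name>\S+)\s+(?P<kind>[A-Za-z ]+?)"
    r"(?:\s+\((?P<action>[^)]*)\))?$"
)

# Lower-cased path fragments that tell an analyst where the file was dropped.
LOCATIONS = (
    ("java-cache", "\\sun\\java\\deployment\\cache\\"),
    ("temp", "\\appdata\\local\\temp\\"),
)


def classify_location(path):
    lowered = path.lower()
    for label, fragment in LOCATIONS:
        if fragment in lowered:
            return label
    return "other"


def parse_eset_log(text):
    """Return (header, detections) parsed from ESET Online Scanner log text."""
    header, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            key, sep, value = line[1:].strip().partition("=")
            if sep:
                header[key] = value  # repeated keys: the last value wins
            continue
        # Columns are separated by tabs; forum copies often turn them into
        # runs of spaces, so accept both. Paths may contain single spaces.
        fields = re.split(r"\t+| {2,}", line)
        if len(fields) < 2:
            continue  # installer/downloader messages, not a detection row
        match = DETECTION_RE.match(fields[1])
        if not match:
            continue
        kind = match.group("kind")
        detections.append({
            "path": fields[0],
            "name": match.group("name"),
            "kind": kind,
            "variant": bool(match.group("variant")),
            "action": match.group("action"),
            "location": classify_location(fields[0]),
            # "application" rows are potentially unwanted applications (PUA);
            # everything else (trojan, worm, virus, ...) is treated as malware.
            "category": "pua" if kind == "application" else "malware",
        })
    return header, detections


def triage(header, detections):
    """Summarise what still needs manual attention after the scan."""
    declared = header.get("found")
    return {
        # A mismatch means the pasted log was truncated or reformatted.
        "count_matches": bool(declared) and declared.isdigit()
                         and int(declared) == len(detections),
        "malware": [d["name"] for d in detections if d["category"] == "malware"],
        "pua": [d["name"] for d in detections if d["category"] == "pua"],
        "java_cache_hits": [d["path"] for d in detections
                            if d["location"] == "java-cache"],
        "uncleaned": sum(1 for d in detections
                         if d["action"] == "unable to clean"),
    }


if __name__ == "__main__":
    hdr, dets = parse_eset_log(SAMPLE_LOG)
    for key, value in triage(hdr, dets).items():
        print(f"{key}: {value}")
```
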


cosinus 26.06.2012 14:14

I have two questions before we continue

1.) Does Windows' normal mode work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?

Martin_H 26.06.2012 21:37

Hmm, it is not my laptop, but I had a look over it; nothing is really missing, and Windows' normal mode has not caused any problems so far.

Regards, Martin

cosinus 27.06.2012 12:49

Please create a new OTL log. Please post everything in CODE tags here if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

Please download OTL by Oldtimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one so that you are really working with a current version of OTL.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Martin_H 27.06.2012 14:32

OK, here is the OTL.txt

Code:

OTL logfile created on: 27.06.2012 14:25:35 - Run 1
OTL by OldTimer - Version 3.2.53.0    Folder = C:\Users\Frederik\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 49,61% Memory free
7,71 Gb Paging File | 5,25 Gb Available in Paging File | 68,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,23 Gb Total Space | 295,71 Gb Free Space | 65,39% Space Free | Partition Type: NTFS
Drive D: | 389,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: FREDERIK-VAIO | User Name: Frederik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.27 14:20:52 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Frederik\Downloads\OTL.exe
PRC - [2012.05.27 17:38:35 | 000,932,528 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Frederik\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.05.08 13:56:41 | 000,466,896 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
PRC - [2012.05.08 13:56:41 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 13:56:41 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 13:56:41 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.04.12 10:56:46 | 000,445,624 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012.04.11 15:47:44 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.01.29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.06.17 12:44:10 | 000,851,824 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.06.01 03:01:54 | 000,600,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010.05.31 19:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2010.05.31 17:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007.12.12 09:29:26 | 000,036,864 | ---- | M] () -- C:\Megatech\MProtect\MPServ.exe
PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.26 03:47:35 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\84fbf353f91385690a3e4e982aa6930e\System.Web.ni.dll
MOD - [2012.06.26 03:47:13 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012.06.26 03:47:07 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012.05.27 17:38:35 | 000,932,528 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012.05.11 16:02:27 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\73baa23d28d21c7c01e334211330a84e\IAStorUtil.ni.dll
MOD - [2012.05.11 14:20:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012.05.11 14:19:45 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012.05.11 14:19:39 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012.05.11 14:19:36 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012.05.11 14:19:35 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012.05.11 14:19:27 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2012.04.18 16:30:36 | 000,583,168 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012.04.11 15:47:44 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012.04.03 12:30:52 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2011.11.23 18:38:58 | 000,205,824 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2011.07.07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
MOD - [2010.07.31 01:23:18 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.07.31 01:23:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.01.11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.01.29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.10.08 08:55:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.06.25 18:22:19 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.08 13:56:41 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 13:56:41 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.06 16:04:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.09.23 15:37:08 | 001,429,608 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2010.10.22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.07.30 15:40:25 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.21 18:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010.06.17 12:44:10 | 000,851,824 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.06.09 15:57:16 | 000,101,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2010.06.09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2010.06.09 15:55:00 | 000,537,456 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2010.06.08 23:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.06.08 17:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2010.06.06 22:13:46 | 000,304,496 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2010.06.01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007.12.12 09:29:26 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\Megatech\MProtect\MPServ.exe -- (Megatech-Software-Protection)
SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.08 13:56:41 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 13:56:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.09.24 19:21:08 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011.09.24 19:21:08 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.07 17:02:28 | 000,045,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.01.06 20:37:02 | 000,051,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:64bit: - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.10.08 08:55:08 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.07.12 20:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.06.24 22:34:53 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.06.24 22:33:43 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.06.23 22:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.23 22:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.23 22:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.23 22:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.06.23 22:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.23 22:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2010.06.23 22:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2010.06.17 10:04:04 | 000,014,848 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBTUSB.sys -- (VBTUSB)
DRV:64bit: - [2010.05.31 23:36:54 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.05.31 23:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010.05.31 23:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.05.31 22:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010.05.28 22:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.05.28 22:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007.11.02 13:22:30 | 000,145,448 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217mdm.sys -- (s217mdm)
DRV:64bit: - [2007.11.02 13:22:30 | 000,138,792 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217unic.sys -- (s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM)
DRV:64bit: - [2007.11.02 13:22:30 | 000,124,968 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217obex.sys -- (s217obex)
DRV:64bit: - [2007.11.02 13:22:30 | 000,033,832 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217nd5.sys -- (s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS)
DRV:64bit: - [2007.11.02 13:22:28 | 000,108,072 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217bus.sys -- (s217bus) Sony Ericsson Device 217 driver (WDM)
DRV:64bit: - [2007.11.02 13:22:28 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217mdfl.sys -- (s217mdfl)
DRV:64bit: - [2007.04.17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2007.04.17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (6077757b)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Frederik\Desktop
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SVEE_enDE412
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{72344400-8F20-4959-B4E9-956718E805DF}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{908F9AEF-5D8C-478A-A424-C308A5274D52}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{C3344A8E-9DE1-45B5-A8CA-1928CD9123FE}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{EDA43DA9-9B5D-4D02-A3D2-96BA0018368D}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB8&ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Searchqu Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Frederik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.28 19:46:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.17 20:57:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.17 20:57:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.28 19:46:03 | 000,000,000 | ---D | M]
 
[2011.10.11 22:46:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frederik\AppData\Roaming\mozilla\Extensions
[2012.05.05 21:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frederik\AppData\Roaming\mozilla\Firefox\Profiles\1g7tcssw.default\extensions
[2011.07.23 19:46:17 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Frederik\AppData\Roaming\mozilla\Firefox\Profiles\1g7tcssw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.03 18:54:14 | 000,000,947 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\conduit.xml
[2012.06.26 13:36:38 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-1.xml
[2011.08.27 22:34:03 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-2.xml
[2011.09.02 11:48:36 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-3.xml
[2011.09.07 09:49:45 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-4.xml
[2011.09.27 17:29:38 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-5.xml
[2011.10.11 22:25:30 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-6.xml
[2011.11.10 19:21:29 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-7.xml
[2011.06.28 23:24:38 | 000,001,056 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin.xml
[2011.10.11 21:47:53 | 000,002,520 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\SearchResults.xml
[2012.01.13 21:06:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.06 16:04:42 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.05.05 17:22:37 | 000,378,880 | ---- | M] (InfiniAd GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.11 21:47:53 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = hxxp://www.searchqu.com/web?src=crb&appid=0&systemid=410&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2012.06.25 06:24:44 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\Frederik\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1297331777-4265084911-555462683-1000..\Run: [Facebook Update] "C:\Users\Frederik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-1297331777-4265084911-555462683-1000..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-1297331777-4265084911-555462683-1000..\Run: [Spotify Web Helper] C:\Users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Frederik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Frederik\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Frederik\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.18.0.5 212.18.3.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 212.18.0.5 212.18.3.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.43.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\Shell - "" = AutoRun
O33 - MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX:64bit: >{F65A5BD6-CBD5-44BB-92EE-7CD500DC5948} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.26 03:35:15 | 000,000,000 | -HSD | C] -- C:\found.000
[2012.06.25 20:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.06.25 19:57:17 | 000,000,000 | ---D | C] -- C:\Users\Frederik\AppData\Local\Macromedia
[2012.06.25 17:45:24 | 000,000,000 | ---D | C] -- C:\Users\Frederik\AppData\Roaming\Malwarebytes
[2012.06.25 17:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.25 17:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.25 17:45:14 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.25 17:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.25 02:50:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.06.03 16:33:22 | 000,000,000 | ---D | C] -- C:\Users\Frederik\AppData\Roaming\.minecraft
[2012.06.02 18:17:50 | 000,000,000 | ---D | C] -- C:\Users\Frederik\Desktop\1.3
[2012.06.02 14:37:18 | 000,000,000 | ---D | C] -- C:\Users\Frederik\Desktop\Survival
[2012.05.30 01:58:45 | 000,000,000 | ---D | C] -- C:\Users\Frederik\Desktop\region
[2011.04.12 15:49:58 | 012,420,392 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Frederik\Documents\*.tmp files -> C:\Users\Frederik\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.27 14:25:59 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.27 14:25:58 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.27 14:21:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.27 14:16:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.27 14:15:39 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.26 21:25:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1297331777-4265084911-555462683-1000UA.job
[2012.06.26 21:25:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1297331777-4265084911-555462683-1000Core.job
[2012.06.26 06:49:48 | 000,001,057 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.06.26 06:49:40 | 000,001,031 | ---- | M] () -- C:\Users\Frederik\Desktop\Dropbox.lnk
[2012.06.26 03:44:30 | 001,535,666 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.26 03:44:30 | 000,672,522 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.26 03:44:30 | 000,623,428 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.26 03:44:30 | 000,135,806 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.26 03:44:30 | 000,111,556 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.26 03:40:55 | 000,449,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.25 17:45:15 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.11 21:33:20 | 001,237,678 | ---- | M] () -- C:\Users\Frederik\Desktop\Essentials.zip
[2012.06.10 12:12:47 | 002,088,915 | ---- | M] () -- C:\Users\Frederik\Desktop\2012-06-10_12.12.46.png
[2012.06.08 19:26:12 | 000,351,460 | ---- | M] () -- C:\test.xml
[2012.06.04 21:38:48 | 000,002,724 | ---- | M] () -- C:\Users\Frederik\.recently-used.xbel
[2012.06.03 16:48:36 | 007,512,122 | ---- | M] () -- C:\Users\Frederik\Desktop\craftbukkit.jar
[2012.05.31 12:46:41 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012.05.30 14:30:18 | 000,008,672 | ---- | M] () -- C:\Users\Frederik\Desktop\ctm.png
[2012.05.30 12:37:00 | 003,017,826 | ---- | M] () -- C:\Users\Frederik\Desktop\r.1.1.zip
[2012.05.30 12:36:47 | 004,061,578 | ---- | M] () -- C:\Users\Frederik\Desktop\r.0.-1.zip
[2012.05.30 12:36:32 | 009,193,469 | ---- | M] () -- C:\Users\Frederik\Desktop\r.0.0.zip
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Frederik\Documents\*.tmp files -> C:\Users\Frederik\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.25 17:45:15 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.11 21:33:19 | 001,237,678 | ---- | C] () -- C:\Users\Frederik\Desktop\Essentials.zip
[2012.06.10 12:12:46 | 002,088,915 | ---- | C] () -- C:\Users\Frederik\Desktop\2012-06-10_12.12.46.png
[2012.06.04 21:38:48 | 000,002,724 | ---- | C] () -- C:\Users\Frederik\.recently-used.xbel
[2012.06.04 00:27:49 | 001,727,579 | ---- | C] () -- C:\Users\Frederik\Desktop\terrain.png
[2012.06.04 00:25:13 | 000,008,672 | ---- | C] () -- C:\Users\Frederik\Desktop\ctm.png
[2012.06.03 16:48:18 | 007,512,122 | ---- | C] () -- C:\Users\Frederik\Desktop\craftbukkit.jar
[2012.05.30 12:37:00 | 003,017,826 | ---- | C] () -- C:\Users\Frederik\Desktop\r.1.1.zip
[2012.05.30 12:36:47 | 004,061,578 | ---- | C] () -- C:\Users\Frederik\Desktop\r.0.-1.zip
[2012.05.30 12:36:31 | 009,193,469 | ---- | C] () -- C:\Users\Frederik\Desktop\r.0.0.zip
[2011.12.27 18:44:05 | 000,000,036 | ---- | C] () -- C:\Users\Frederik\.org.eclipse.epp.usagedata.recording.userId
[2011.12.25 17:21:20 | 000,823,296 | ---- | C] () -- C:\Windows\j3dcore-d3d.dll
[2011.12.25 17:21:20 | 000,163,840 | ---- | C] () -- C:\Windows\j3dcore-ogl.dll
[2011.12.25 17:21:20 | 000,049,152 | ---- | C] () -- C:\Windows\j3dcore-ogl-chk.dll
[2011.12.25 17:21:20 | 000,040,960 | ---- | C] () -- C:\Windows\j3dcore-ogl-cg.dll
[2011.11.06 01:33:15 | 000,000,040 | ---- | C] () -- C:\Users\Frederik\AppData\Roaming\cdr.ini
[2011.11.02 12:51:14 | 000,000,287 | ---- | C] () -- C:\Users\Frederik\AppData\Local\VersionChecker_16.xml
[2011.10.15 23:20:19 | 000,004,518 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.09.18 16:24:39 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2011.06.19 11:40:43 | 001,660,147 | ---- | C] () -- C:\Program Files (x86)\WinRAR.exe
[2011.05.16 08:39:35 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\MPDLL.DLL
[2011.05.16 08:39:34 | 000,000,075 | ---- | C] () -- C:\Windows\megapfad.ini
[2011.04.11 21:47:57 | 000,000,951 | ---- | C] () -- C:\Program Files (x86)\RS_Bobingen_08_3DA.MPF
[2011.02.24 22:12:12 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.12.28 19:39:34 | 000,266,400 | ---- | C] () -- C:\Windows\hpwins23.dat
[2010.12.28 12:31:47 | 001,555,208 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.27 16:50:10 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.10.08 08:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.07.13 00:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.07.12 22:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.07.12 22:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.07.12 22:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.07.12 22:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.07.12 22:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.07.12 22:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2010.07.12 22:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
 
========== LOP Check ==========
 
[2011.02.21 16:51:41 | 000,000,000 | ---D | M] -- C:\Users\Elfir\AppData\Roaming\SoftGrid Client
[2010.12.27 15:20:22 | 000,000,000 | -HSD | M] -- C:\Users\Frederik\AppData\Roaming\.#
[2012.06.11 22:05:06 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\.minecraft
[2011.09.18 16:33:48 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Atari
[2010.12.29 23:02:22 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Blender Foundation
[2012.06.27 14:19:36 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Dropbox
[2011.07.24 02:05:19 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\DVDVideoSoft
[2011.07.23 19:46:16 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.11 21:48:06 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\FreeAudioPack
[2012.06.04 00:28:13 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\gtk-2.0
[2012.05.05 17:22:40 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\loadtbs
[2011.11.02 12:56:36 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\MAXON
[2011.12.10 19:38:24 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\MTE
[2011.11.02 12:50:52 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Nemetschek
[2011.11.11 22:42:38 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Notepad++
[2011.11.07 21:10:10 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Nvu
[2011.03.13 11:49:41 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\SoftGrid Client
[2012.06.03 23:30:10 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Spotify
[2010.12.28 12:32:18 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TP
[2011.02.16 21:36:52 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TrueCrypt
[2012.05.01 02:09:50 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TS3Client
[2012.06.26 21:25:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1297331777-4265084911-555462683-1000Core.job
[2012.06.26 21:25:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1297331777-4265084911-555462683-1000UA.job
[2012.03.23 14:34:19 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.12.27 15:20:22 | 000,000,000 | -HSD | M] -- C:\Users\Frederik\AppData\Roaming\.#
[2012.06.11 22:05:06 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\.minecraft
[2011.12.10 23:13:22 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Adobe
[2011.11.11 14:58:19 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Apple Computer
[2011.06.13 21:31:08 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\ArcSoft
[2011.09.18 16:33:48 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Atari
[2010.12.27 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\ATI
[2011.10.15 09:37:18 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Avira
[2010.12.29 23:02:22 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Blender Foundation
[2010.12.27 16:50:16 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Corel
[2011.08.07 20:08:14 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\DivX
[2012.06.27 14:19:36 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Dropbox
[2011.07.24 02:05:19 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\DVDVideoSoft
[2011.07.23 19:46:16 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.11 21:48:06 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\FreeAudioPack
[2010.12.27 16:09:27 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Google
[2012.06.04 00:28:13 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\gtk-2.0
[2010.12.29 18:17:09 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\HP
[2012.05.16 23:44:32 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\HpUpdate
[2010.12.27 15:12:05 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Identities
[2010.12.27 15:12:48 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Intel Corporation
[2012.05.05 17:22:40 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\loadtbs
[2010.07.30 15:37:45 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Macromedia
[2012.06.25 17:45:24 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Malwarebytes
[2011.11.02 12:56:36 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\MAXON
[2010.07.13 20:20:19 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Media Center Programs
[2012.06.25 19:57:17 | 000,000,000 | --SD | M] -- C:\Users\Frederik\AppData\Roaming\Microsoft
[2011.07.17 08:57:35 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Microsoft Games
[2011.04.12 15:51:11 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Mozilla
[2011.12.10 19:38:24 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\MTE
[2011.11.02 12:50:52 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Nemetschek
[2011.11.11 22:42:38 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Notepad++
[2011.11.07 21:10:10 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Nvu
[2011.10.21 18:45:21 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Skype
[2011.10.21 18:44:09 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\skypePM
[2011.03.13 11:49:41 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\SoftGrid Client
[2010.12.27 15:15:34 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Sony Corporation
[2012.06.03 23:30:10 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Spotify
[2010.12.28 12:32:18 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TP
[2011.02.16 21:36:52 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TrueCrypt
[2012.05.01 02:09:50 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TS3Client
[2011.06.19 11:42:28 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\WinRAR
[2010.12.28 19:46:53 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2012.03.26 22:54:36 | 001,488,383 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\.minecraft\mcpatcher-2.3.5.exe
[2012.01.13 18:09:04 | 000,270,142 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\.minecraft\Minecraft.exe
[2011.04.06 18:48:16 | 000,270,848 | ---- | M] (Teckda) -- C:\Users\Frederik\AppData\Roaming\DivX\.minecraft\Minecraft Custom Nickname Loader.exe
[2011.01.14 12:37:54 | 000,232,501 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\DivX\.minecraft\Minecraft.exe
[2011.06.01 16:23:57 | 000,957,367 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\DivX\.minecraft\texturepacks\mcpatcher-2.1.0_01.exe
[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Frederik\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Frederik\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Frederik\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.05.05 17:22:37 | 012,697,088 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\loadtbs\ffmpeg.exe
[2012.05.05 17:22:36 | 001,243,136 | ---- | M] (InfiniAd GmbH) -- C:\Users\Frederik\AppData\Roaming\loadtbs\uninstall.exe
[2012.05.05 17:22:37 | 000,694,784 | ---- | M] (InfiniAd GmbH) -- C:\Users\Frederik\AppData\Roaming\loadtbs\ytdl.exe
[2010.07.30 15:37:23 | 000,038,784 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.09 23:27:58 | 000,010,134 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2011.01.03 01:37:52 | 000,124,584 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avadmin.exe
[2011.01.03 01:37:52 | 000,389,288 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avcenter.exe
[2011.01.03 01:37:53 | 000,361,128 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avconfig.exe
[2011.01.03 01:37:53 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avgnt.exe
[2011.01.03 01:37:53 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avguard.exe
[2011.01.03 01:37:53 | 000,224,936 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avnotify.exe
[2011.01.03 01:37:53 | 000,435,368 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avscan.exe
[2011.01.03 01:37:53 | 000,060,072 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avupgsvc.exe
[2011.01.03 01:37:53 | 000,214,184 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avwebloader.exe
[2011.01.03 01:37:54 | 000,098,480 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avwsc.exe
[2011.01.03 01:37:56 | 000,348,840 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\fact.exe
[2011.01.03 01:37:56 | 000,071,848 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\guardgui.exe
[2011.01.03 01:37:56 | 000,017,064 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\guardhlp.exe
[2011.01.03 01:37:57 | 000,045,416 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\imp64b.exe
[2011.01.03 01:37:57 | 000,041,729 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\insthlp.exe
[2011.01.03 01:37:57 | 000,132,456 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\licmgr.exe
[2011.01.03 01:37:57 | 000,588,456 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\presetup.exe
[2011.01.03 01:37:58 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\sched.exe
[2011.01.03 01:37:58 | 000,666,280 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\setup.exe
[2011.01.03 01:37:58 | 000,516,353 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\update.exe
[2011.01.03 01:38:00 | 004,485,976 | ---- | M] (Microsoft Corporation) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\vcredist_x86.exe
[2011.01.03 01:38:00 | 000,065,192 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\wsctool.exe
[2011.01.03 01:38:00 | 000,260,776 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\vista64\avshadow.exe
[2011.01.03 01:38:01 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\xp\avshadow.exe
[2012.05.06 20:14:46 | 002,895,373 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Templates\SetupDJ3.exe
[2012.05.27 17:38:35 | 009,478,320 | ---- | M] (Spotify Ltd) -- C:\Users\Frederik\AppData\Roaming\Spotify\spotify.exe
[2012.05.27 17:38:35 | 000,932,528 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< End of report >


cosinus 28.06.2012 09:40

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:

:OTL
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{72344400-8F20-4959-B4E9-956718E805DF}: "URL" = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{908F9AEF-5D8C-478A-A424-C308A5274D52}: "URL" = http://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{C3344A8E-9DE1-45B5-A8CA-1928CD9123FE}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{EDA43DA9-9B5D-4D02-A3D2-96BA0018368D}: "URL" = http://de.shopping.com/?linkin_id=8056363
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?SSPV=FFOB8&ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Searchqu Web Search"
FF - user.js - File not found
[2012.05.03 18:54:14 | 000,000,947 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\conduit.xml
[2012.06.26 13:36:38 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-1.xml
[2011.08.27 22:34:03 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-2.xml
[2011.09.02 11:48:36 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-3.xml
[2011.09.07 09:49:45 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-4.xml
[2011.09.27 17:29:38 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-5.xml
[2011.10.11 22:25:30 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-6.xml
[2011.11.10 19:21:29 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-7.xml
[2011.06.28 23:24:38 | 000,001,056 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin.xml
[2011.10.11 21:47:53 | 000,002,520 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\SearchResults.xml
[2011.10.11 21:47:53 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = http://www.searchqu.com/web?src=crb&appid=0&systemid=410&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\Frederik\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\Shell - "" = AutoRun
O33 - MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\Shell\AutoRun\command - "" = E:\Startme.exe
[2012.06.26 03:35:15 | 000,000,000 | -HSD | C] -- C:\found.000
[2010.12.27 15:20:22 | 000,000,000 | -HSD | M] -- C:\Users\Frederik\AppData\Roaming\.#
[2012.05.05 17:22:40 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\loadtbs
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

To be safe, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Martin_H 29.06.2012 13:05

Here is the log file:
Code:

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
Registry value HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
Registry value HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll moved successfully.
HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{72344400-8F20-4959-B4E9-956718E805DF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72344400-8F20-4959-B4E9-956718E805DF}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{908F9AEF-5D8C-478A-A424-C308A5274D52}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{908F9AEF-5D8C-478A-A424-C308A5274D52}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C3344A8E-9DE1-45B5-A8CA-1928CD9123FE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3344A8E-9DE1-45B5-A8CA-1928CD9123FE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EDA43DA9-9B5D-4D02-A3D2-96BA0018368D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDA43DA9-9B5D-4D02-A3D2-96BA0018368D}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Winload Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB8&ctid=CT2319825&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Searchqu Web Search" removed from browser.search.order.1
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\conduit.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\SearchResults.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
File C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}\ deleted successfully.
C:\Users\Frederik\AppData\Roaming\loadtbs\toolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\ not found.
File E:\Startme.exe not found.
C:\found.000 folder moved successfully.
C:\Users\Frederik\AppData\Roaming\.# folder moved successfully.
C:\Users\Frederik\AppData\Roaming\loadtbs\chrome@loadtubes.com folder moved successfully.
C:\Users\Frederik\AppData\Roaming\loadtbs folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Elfir
->Temp folder emptied: 7672253 bytes
->Temporary Internet Files folder emptied: 28031239 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 13011020 bytes
->Flash cache emptied: 42385 bytes
 
User: Frederik
->Temp folder emptied: 3180107265 bytes
->Temporary Internet Files folder emptied: 235157409 bytes
->Java cache emptied: 49753 bytes
->FireFox cache emptied: 1112124980 bytes
->Google Chrome cache emptied: 63384384 bytes
->Flash cache emptied: 67921 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 352256696 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 605405 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 4.761,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Elfir
->Flash cache emptied: 0 bytes
 
User: Frederik
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.53.0 log created on 06282012_180007

Files\Folders moved on Reboot...
C:\Users\Frederik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF0857E423C9172073.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF09955E96C4AF1C40.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF0EF21CFB05028E30.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF114613426949A6EF.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF194CE5E85E6EF032.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF2516312EE1AC5AED.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF331E68FD967518B4.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF3FBBF1169DCAEC23.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF5F49E2A9EE01FA18.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF7CA55B94542056C5.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF81F6CF965A451B77.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF97B4159CE8969B0C.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF9DAB98D682CB09A0.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DFB69190B41EAC84C0.TMP not found!

PendingFileRenameOperations files...
File C:\Users\Frederik\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF0857E423C9172073.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF09955E96C4AF1C40.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF0EF21CFB05028E30.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF114613426949A6EF.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF194CE5E85E6EF032.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF2516312EE1AC5AED.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF331E68FD967518B4.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF3FBBF1169DCAEC23.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF5F49E2A9EE01FA18.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF7CA55B94542056C5.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF81F6CF965A451B77.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF97B4159CE8969B0C.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF9DAB98D682CB09A0.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DFB69190B41EAC84C0.TMP not found!

Registry entries deleted on Reboot...


cosinus 29.06.2012 13:47

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Configure the tool as shown in the picture below: click "change parameters" and set the check marks as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.

Note: Please do not hastily delete anything with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and post only the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Martin_H 29.06.2012 15:25

Code:

15:39:57.0650 4884        TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
15:39:57.0850 4884        ============================================================
15:39:57.0850 4884        Current date / time: 2012/06/29 15:39:57.0850
15:39:57.0850 4884        SystemInfo:
15:39:57.0850 4884       
15:39:57.0850 4884        OS Version: 6.1.7600 ServicePack: 0.0
15:39:57.0850 4884        Product type: Workstation
15:39:57.0850 4884        ComputerName: FREDERIK-VAIO
15:39:57.0850 4884        UserName: Frederik
15:39:57.0850 4884        Windows directory: C:\Windows
15:39:57.0850 4884        System windows directory: C:\Windows
15:39:57.0850 4884        Running under WOW64
15:39:57.0850 4884        Processor architecture: Intel x64
15:39:57.0850 4884        Number of processors: 4
15:39:57.0850 4884        Page size: 0x1000
15:39:57.0850 4884        Boot type: Normal boot
15:39:57.0850 4884        ============================================================
15:39:59.0260 4884        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:39:59.0280 4884        ============================================================
15:39:59.0280 4884        \Device\Harddisk0\DR0:
15:39:59.0280 4884        MBR partitions:
15:39:59.0280 4884        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1ADE800, BlocksNum 0x32000
15:39:59.0280 4884        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B10800, BlocksNum 0x38875030
15:39:59.0280 4884        ============================================================
15:39:59.0330 4884        C: <-> \Device\Harddisk0\DR0\Partition1
15:39:59.0340 4884        ============================================================
15:39:59.0340 4884        Initialize success
15:39:59.0340 4884        ============================================================
15:40:29.0467 6124        ============================================================
15:40:29.0467 6124        Scan started
15:40:29.0467 6124        Mode: Manual; SigCheck; TDLFS;
15:40:29.0467 6124        ============================================================
15:40:31.0407 6124        1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys
15:40:31.0607 6124        1394ohci - ok
15:40:31.0687 6124        6077757b        (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
15:40:31.0787 6124        6077757b - ok
15:40:32.0067 6124        ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:40:32.0147 6124        ACDaemon - ok
15:40:32.0207 6124        ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys
15:40:32.0227 6124        ACPI - ok
15:40:32.0257 6124        AcpiPmi        (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys
15:40:32.0367 6124        AcpiPmi - ok
15:40:32.0967 6124        AdobeActiveFileMonitor8.0 (34400005de52842c4d6d4ee978b4d7ce) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
15:40:33.0047 6124        AdobeActiveFileMonitor8.0 - ok
15:40:34.0037 6124        AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:40:34.0047 6124        AdobeFlashPlayerUpdateSvc - ok
15:40:34.0437 6124        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
15:40:34.0477 6124        adp94xx - ok
15:40:34.0717 6124        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
15:40:34.0787 6124        adpahci - ok
15:40:34.0867 6124        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
15:40:34.0887 6124        adpu320 - ok
15:40:35.0107 6124        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:40:35.0257 6124        AeLookupSvc - ok
15:40:35.0517 6124        AFD            (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
15:40:35.0677 6124        AFD - ok
15:40:35.0737 6124        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:40:35.0757 6124        agp440 - ok
15:40:35.0807 6124        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:40:35.0867 6124        ALG - ok
15:40:35.0897 6124        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:40:35.0927 6124        aliide - ok
15:40:35.0977 6124        AMD External Events Utility (3f9b03b72577a6a7405bf30801cbd159) C:\Windows\system32\atiesrxx.exe
15:40:36.0057 6124        AMD External Events Utility - ok
15:40:36.0087 6124        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:40:36.0097 6124        amdide - ok
15:40:36.0137 6124        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
15:40:36.0197 6124        AmdK8 - ok
15:40:38.0797 6124        amdkmdag        (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
15:40:39.0037 6124        amdkmdag - ok
15:40:40.0117 6124        amdkmdap        (dca6e341a4a7c31ea8a14c6166c9b249) C:\Windows\system32\DRIVERS\atikmpag.sys
15:40:40.0267 6124        amdkmdap - ok
15:40:40.0387 6124        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
15:40:40.0437 6124        AmdPPM - ok
15:40:40.0487 6124        amdsata        (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
15:40:40.0507 6124        amdsata - ok
15:40:40.0537 6124        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
15:40:40.0567 6124        amdsbs - ok
15:40:40.0587 6124        amdxata        (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
15:40:40.0607 6124        amdxata - ok
15:40:41.0197 6124        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:40:41.0227 6124        AntiVirSchedulerService - ok
15:40:41.0447 6124        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:40:41.0457 6124        AntiVirService - ok
15:40:42.0117 6124        ApfiltrService  (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\drivers\Apfiltr.sys
15:40:42.0237 6124        ApfiltrService - ok
15:40:42.0307 6124        AppID          (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
15:40:42.0447 6124        AppID - ok
15:40:42.0527 6124        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:40:42.0587 6124        AppIDSvc - ok
15:40:42.0757 6124        Appinfo        (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
15:40:42.0857 6124        Appinfo - ok
15:40:42.0917 6124        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
15:40:42.0947 6124        arc - ok
15:40:43.0127 6124        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
15:40:43.0157 6124        arcsas - ok
15:40:43.0227 6124        ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:40:43.0237 6124        ArcSoftKsUFilter - ok
15:40:43.0277 6124        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:40:43.0397 6124        AsyncMac - ok
15:40:43.0437 6124        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:40:43.0447 6124        atapi - ok
15:40:45.0187 6124        athr            (cca705cdf038d5bc243203ce4416b345) C:\Windows\system32\DRIVERS\athrx.sys
15:40:45.0327 6124        athr - ok
15:40:48.0977 6124        atikmdag        (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
15:40:49.0077 6124        atikmdag - ok
15:40:49.0437 6124        AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:40:49.0537 6124        AudioEndpointBuilder - ok
15:40:49.0537 6124        AudioSrv        (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:40:49.0577 6124        AudioSrv - ok
15:40:49.0967 6124        avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
15:40:49.0987 6124        avgntflt - ok
15:40:50.0097 6124        avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
15:40:50.0117 6124        avipbb - ok
15:40:50.0257 6124        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
15:40:50.0277 6124        avkmgr - ok
15:40:50.0687 6124        AxInstSV        (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
15:40:50.0837 6124        AxInstSV - ok
15:40:50.0957 6124        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
15:40:51.0017 6124        b06bdrv - ok
15:40:51.0177 6124        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:40:51.0297 6124        b57nd60a - ok
15:40:51.0467 6124        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:40:51.0587 6124        BDESVC - ok
15:40:51.0687 6124        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:40:51.0757 6124        Beep - ok
15:40:52.0097 6124        BFE            (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
15:40:52.0177 6124        BFE - ok
15:40:52.0247 6124        BITS            (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
15:40:52.0527 6124        BITS - ok
15:40:52.0687 6124        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
15:40:52.0727 6124        blbdrive - ok
15:40:52.0797 6124        bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
15:40:52.0927 6124        bowser - ok
15:40:53.0037 6124        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
15:40:53.0087 6124        BrFiltLo - ok
15:40:53.0147 6124        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
15:40:53.0187 6124        BrFiltUp - ok
15:40:53.0487 6124        Browser        (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
15:40:53.0547 6124        Browser - ok
15:40:53.0717 6124        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:40:53.0787 6124        Brserid - ok
15:40:53.0867 6124        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:40:53.0957 6124        BrSerWdm - ok
15:40:54.0067 6124        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:40:54.0157 6124        BrUsbMdm - ok
15:40:54.0267 6124        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:40:54.0307 6124        BrUsbSer - ok
15:40:54.0377 6124        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
15:40:54.0467 6124        BthEnum - ok
15:40:54.0757 6124        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:40:54.0827 6124        BTHMODEM - ok
15:40:55.0037 6124        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
15:40:55.0087 6124        BthPan - ok
15:40:55.0337 6124        BTHPORT        (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
15:40:55.0457 6124        BTHPORT - ok
15:40:55.0587 6124        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:40:55.0697 6124        bthserv - ok
15:40:55.0807 6124        BTHUSB          (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
15:40:55.0837 6124        BTHUSB - ok
15:40:56.0157 6124        btwampfl        (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys
15:40:56.0207 6124        btwampfl - ok
15:40:56.0307 6124        btwaudio        (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys
15:40:56.0327 6124        btwaudio - ok
15:40:56.0727 6124        btwavdt        (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\DRIVERS\btwavdt.sys
15:40:56.0777 6124        btwavdt - ok
15:40:57.0567 6124        btwdins        (8ba6e93a182126781952a7895ec1e4b2) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:40:57.0587 6124        btwdins - ok
15:40:57.0707 6124        btwl2cap        (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
15:40:57.0737 6124        btwl2cap - ok
15:40:57.0777 6124        btwrchid        (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys
15:40:57.0797 6124        btwrchid - ok
15:40:57.0907 6124        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:40:57.0997 6124        cdfs - ok
15:40:58.0197 6124        cdrom          (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
15:40:58.0247 6124        cdrom - ok
15:40:58.0327 6124        CertPropSvc    (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:40:58.0377 6124        CertPropSvc - ok
15:40:58.0477 6124        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
15:40:58.0537 6124        circlass - ok
15:40:58.0707 6124        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:40:58.0737 6124        CLFS - ok
15:40:58.0957 6124        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:40:58.0997 6124        clr_optimization_v2.0.50727_32 - ok
15:40:59.0137 6124        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:40:59.0177 6124        clr_optimization_v2.0.50727_64 - ok
15:40:59.0427 6124        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:40:59.0487 6124        clr_optimization_v4.0.30319_32 - ok
15:40:59.0527 6124        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:40:59.0557 6124        clr_optimization_v4.0.30319_64 - ok
15:40:59.0637 6124        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
15:40:59.0677 6124        CmBatt - ok
15:40:59.0737 6124        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:40:59.0767 6124        cmdide - ok
15:40:59.0887 6124        CNG            (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
15:41:00.0067 6124        CNG - ok
15:41:00.0157 6124        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
15:41:00.0197 6124        Compbatt - ok
15:41:00.0267 6124        CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
15:41:00.0337 6124        CompositeBus - ok
15:41:00.0357 6124        COMSysApp - ok
15:41:00.0387 6124        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
15:41:00.0407 6124        crcdisk - ok
15:41:00.0567 6124        CryptSvc        (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
15:41:00.0737 6124        CryptSvc - ok
15:41:00.0947 6124        dc3d            (23d4b856725f5fc3c4f410c150ab107b) C:\Windows\system32\DRIVERS\dc3d.sys
15:41:00.0967 6124        dc3d - ok
15:41:01.0057 6124        DcomLaunch      (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:41:01.0147 6124        DcomLaunch - ok
15:41:01.0507 6124        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:41:01.0677 6124        defragsvc - ok
15:41:01.0907 6124        DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
15:41:02.0017 6124        DfsC - ok
15:41:02.0187 6124        Dhcp            (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
15:41:02.0547 6124        Dhcp - ok
15:41:02.0697 6124        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:41:02.0787 6124        discache - ok
15:41:02.0887 6124        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
15:41:02.0907 6124        Disk - ok
15:41:03.0097 6124        Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
15:41:03.0187 6124        Dnscache - ok
15:41:03.0287 6124        dot3svc        (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
15:41:03.0407 6124        dot3svc - ok
15:41:03.0547 6124        Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
15:41:03.0637 6124        Dot4 - ok
15:41:03.0747 6124        Dot4Print      (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:41:03.0817 6124        Dot4Print - ok
15:41:03.0907 6124        dot4usb        (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
15:41:03.0967 6124        dot4usb - ok
15:41:04.0087 6124        DPS            (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
15:41:04.0167 6124        DPS - ok
15:41:04.0207 6124        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:41:04.0237 6124        drmkaud - ok
15:41:04.0487 6124        DXGKrnl        (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
15:41:04.0667 6124        DXGKrnl - ok
15:41:04.0757 6124        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:41:04.0837 6124        EapHost - ok
15:41:05.0807 6124        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
15:41:05.0987 6124        ebdrv - ok
15:41:06.0317 6124        EFS            (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
15:41:06.0517 6124        EFS - ok
15:41:06.0687 6124        ehRecvr        (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
15:41:06.0807 6124        ehRecvr - ok
15:41:06.0837 6124        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:41:07.0047 6124        ehSched - ok
15:41:07.0137 6124        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
15:41:07.0187 6124        elxstor - ok
15:41:07.0227 6124        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:41:07.0247 6124        ErrDev - ok
15:41:07.0407 6124        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:41:07.0497 6124        EventSystem - ok
15:41:07.0587 6124        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:41:07.0657 6124        exfat - ok
15:41:07.0727 6124        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:41:07.0787 6124        fastfat - ok
15:41:08.0127 6124        Fax            (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
15:41:08.0197 6124        Fax - ok
15:41:08.0317 6124        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
15:41:08.0377 6124        fdc - ok
15:41:08.0417 6124        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:41:08.0467 6124        fdPHost - ok
15:41:08.0527 6124        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:41:08.0587 6124        FDResPub - ok
15:41:08.0617 6124        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:41:08.0637 6124        FileInfo - ok
15:41:08.0647 6124        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:41:08.0717 6124        Filetrace - ok
15:41:08.0997 6124        FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:41:09.0097 6124        FLEXnet Licensing Service - ok
15:41:09.0177 6124        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
15:41:09.0207 6124        flpydisk - ok
15:41:09.0257 6124        FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
15:41:09.0297 6124        FltMgr - ok
15:41:09.0487 6124        FontCache      (97223981a9214f1b4997e9075abb6bf5) C:\Windows\system32\FntCache.dll
15:41:09.0607 6124        FontCache - ok
15:41:09.0817 6124        FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:41:09.0847 6124        FontCache3.0.0.0 - ok
15:41:09.0947 6124        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:41:09.0967 6124        FsDepends - ok
15:41:10.0037 6124        Fs_Rec          (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
15:41:10.0067 6124        Fs_Rec - ok
15:41:10.0237 6124        fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:41:10.0297 6124        fvevol - ok
15:41:10.0407 6124        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
15:41:10.0447 6124        gagp30kx - ok
15:41:10.0607 6124        ggflt          (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
15:41:10.0627 6124        ggflt - ok
15:41:10.0717 6124        ggsemc          (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
15:41:10.0747 6124        ggsemc - ok
15:41:11.0007 6124        gpsvc          (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
15:41:11.0077 6124        gpsvc - ok
15:41:11.0217 6124        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:41:11.0347 6124        hcw85cir - ok
15:41:11.0487 6124        HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:41:11.0587 6124        HdAudAddService - ok
15:41:11.0757 6124        HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
15:41:11.0797 6124        HDAudBus - ok
15:41:11.0887 6124        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
15:41:11.0907 6124        HECIx64 - ok
15:41:12.0007 6124        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
15:41:12.0067 6124        HidBatt - ok
15:41:12.0207 6124        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
15:41:12.0257 6124        HidBth - ok
15:41:12.0277 6124        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
15:41:12.0317 6124        HidIr - ok
15:41:12.0347 6124        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:41:12.0417 6124        hidserv - ok
15:41:12.0507 6124        HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
15:41:12.0547 6124        HidUsb - ok
15:41:12.0637 6124        hkmsvc          (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
15:41:12.0737 6124        hkmsvc - ok
15:41:12.0857 6124        HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
15:41:12.0967 6124        HomeGroupListener - ok
15:41:13.0067 6124        HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
15:41:13.0107 6124        HomeGroupProvider - ok
15:41:13.0507 6124        hpqcxs08        (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:41:13.0527 6124        hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
15:41:13.0527 6124        hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
15:41:13.0697 6124        hpqddsvc        (75cc8c5146a3fb76221a7606628778d5) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:41:13.0727 6124        hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
15:41:13.0727 6124        hpqddsvc - detected UnsignedFile.Multi.Generic (1)
15:41:13.0817 6124        HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
15:41:13.0837 6124        HpSAMD - ok
15:41:14.0057 6124        HPSLPSVC        (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:41:14.0107 6124        HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
15:41:14.0107 6124        HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
15:41:14.0427 6124        HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
15:41:14.0547 6124        HTTP - ok
15:41:14.0637 6124        hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
15:41:14.0667 6124        hwpolicy - ok
15:41:14.0997 6124        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:41:15.0057 6124        i8042prt - ok
15:41:15.0507 6124        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
15:41:15.0527 6124        iaStor - ok
15:41:15.0917 6124        IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:41:15.0937 6124        IAStorDataMgrSvc - ok
15:41:16.0127 6124        iaStorV        (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
15:41:16.0177 6124        iaStorV - ok
15:41:16.0417 6124        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:41:16.0427 6124        IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:41:16.0427 6124        IDriverT - detected UnsignedFile.Multi.Generic (1)
15:41:17.0017 6124        idsvc          (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:41:17.0347 6124        idsvc - ok
15:41:21.0727 6124        igfx            (2a22ab054f4630d2ef4bab2853f6d5f6) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:41:22.0187 6124        igfx ( UnsignedFile.Multi.Generic ) - warning
15:41:22.0187 6124        igfx - detected UnsignedFile.Multi.Generic (1)
15:41:22.0777 6124        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
15:41:22.0817 6124        iirsp - ok
15:41:23.0187 6124        IKEEXT          (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
15:41:23.0277 6124        IKEEXT - ok
15:41:23.0387 6124        Impcd          (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
15:41:23.0487 6124        Impcd - ok
15:41:25.0017 6124        IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\Windows\system32\drivers\RTKVHD64.sys
15:41:25.0117 6124        IntcAzAudAddService - ok
15:41:25.0547 6124        IntcDAud        (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
15:41:25.0587 6124        IntcDAud ( UnsignedFile.Multi.Generic ) - warning
15:41:25.0587 6124        IntcDAud - detected UnsignedFile.Multi.Generic (1)
15:41:25.0667 6124        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:41:25.0707 6124        intelide - ok
15:41:25.0787 6124        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
15:41:25.0827 6124        intelppm - ok
15:41:25.0977 6124        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:41:26.0067 6124        IPBusEnum - ok
15:41:26.0277 6124        IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:41:26.0387 6124        IpFilterDriver - ok
15:41:27.0017 6124        iphlpsvc        (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
15:41:27.0117 6124        iphlpsvc - ok
15:41:27.0297 6124        IPMIDRV        (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
15:41:27.0377 6124        IPMIDRV - ok
15:41:27.0597 6124        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:41:27.0687 6124        IPNAT - ok
15:41:27.0747 6124        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:41:27.0767 6124        IRENUM - ok
15:41:27.0847 6124        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:41:27.0887 6124        isapnp - ok
15:41:28.0077 6124        iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
15:41:28.0117 6124        iScsiPrt - ok
15:41:28.0317 6124        IviRegMgr      (213822072085b5bbad9af30ab577d817) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:41:28.0327 6124        IviRegMgr - ok
15:41:28.0437 6124        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:41:28.0467 6124        kbdclass - ok
15:41:28.0527 6124        kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
15:41:28.0597 6124        kbdhid - ok
15:41:28.0637 6124        KeyIso          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:41:28.0657 6124        KeyIso - ok
15:41:28.0727 6124        KSecDD          (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
15:41:28.0757 6124        KSecDD - ok
15:41:28.0947 6124        KSecPkg        (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
15:41:28.0977 6124        KSecPkg - ok
15:41:29.0057 6124        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:41:29.0127 6124        ksthunk - ok
15:41:29.0257 6124        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:41:29.0367 6124        KtmRm - ok
15:41:29.0517 6124        LanmanServer    (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
15:41:29.0647 6124        LanmanServer - ok
15:41:29.0777 6124        LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
15:41:29.0847 6124        LanmanWorkstation - ok
15:41:29.0987 6124        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:41:30.0057 6124        lltdio - ok
15:41:30.0147 6124        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:41:30.0247 6124        lltdsvc - ok
15:41:30.0347 6124        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:41:30.0407 6124        lmhosts - ok
15:41:30.0557 6124        LMS            (3d23191672d83e90d1cf63927ee98136) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:41:30.0567 6124        LMS - ok
15:41:30.0647 6124        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
15:41:30.0667 6124        LSI_FC - ok
15:41:30.0697 6124        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
15:41:30.0717 6124        LSI_SAS - ok
15:41:30.0767 6124        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
15:41:30.0787 6124        LSI_SAS2 - ok
15:41:30.0847 6124        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
15:41:30.0867 6124        LSI_SCSI - ok
15:41:30.0897 6124        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:41:30.0967 6124        luafv - ok
15:41:31.0067 6124        MBAMProtector  (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:41:31.0087 6124        MBAMProtector - ok
15:41:31.0277 6124        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:41:31.0297 6124        MBAMService - ok
15:41:31.0437 6124        Mcx2Svc        (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
15:41:31.0507 6124        Mcx2Svc - ok
15:41:31.0567 6124        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
15:41:31.0597 6124        megasas - ok
15:41:31.0667 6124        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
15:41:31.0687 6124        MegaSR - ok
15:41:31.0767 6124        Megatech-Software-Protection (68b005af0bc4f8823eab5b105a40cc28) C:\Megatech\MProtect\MPSERV.EXE
15:41:31.0777 6124        Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - warning
15:41:31.0777 6124        Megatech-Software-Protection - detected UnsignedFile.Multi.Generic (1)
15:41:31.0867 6124        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:41:31.0937 6124        MMCSS - ok
15:41:31.0987 6124        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:41:32.0057 6124        Modem - ok
15:41:32.0147 6124        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:41:32.0207 6124        monitor - ok
15:41:32.0277 6124        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:41:32.0307 6124        mouclass - ok
15:41:32.0447 6124        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:41:32.0477 6124        mouhid - ok
15:41:32.0567 6124        mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
15:41:32.0617 6124        mountmgr - ok
15:41:32.0927 6124        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:41:32.0987 6124        MozillaMaintenance - ok
15:41:33.0127 6124        mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
15:41:33.0167 6124        mpio - ok
15:41:33.0227 6124        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:41:33.0267 6124        mpsdrv - ok
15:41:33.0597 6124        MpsSvc          (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
15:41:33.0687 6124        MpsSvc - ok
15:41:33.0747 6124        MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
15:41:33.0797 6124        MRxDAV - ok
15:41:33.0887 6124        mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:41:33.0957 6124        mrxsmb - ok
15:41:34.0157 6124        mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:41:34.0227 6124        mrxsmb10 - ok
15:41:34.0287 6124        mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:41:34.0347 6124        mrxsmb20 - ok
15:41:34.0457 6124        msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
15:41:34.0487 6124        msahci - ok
15:41:34.0527 6124        msdsm          (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
15:41:34.0547 6124        msdsm - ok
15:41:34.0607 6124        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:41:34.0697 6124        MSDTC - ok
15:41:34.0797 6124        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:41:34.0827 6124        Msfs - ok
15:41:34.0847 6124        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:41:34.0907 6124        mshidkmdf - ok
15:41:34.0937 6124        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:41:34.0957 6124        msisadrv - ok
15:41:35.0077 6124        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:41:35.0147 6124        MSiSCSI - ok
15:41:35.0157 6124        msiserver - ok
15:41:35.0207 6124        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:41:35.0267 6124        MSKSSRV - ok
15:41:35.0307 6124        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:41:35.0357 6124        MSPCLOCK - ok
15:41:35.0377 6124        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:41:35.0437 6124        MSPQM - ok
15:41:35.0587 6124        MsRPC          (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:41:35.0617 6124        MsRPC - ok
15:41:35.0737 6124        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:41:35.0747 6124        mssmbios - ok
15:41:35.0787 6124        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:41:35.0837 6124        MSTEE - ok
15:41:35.0867 6124        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
15:41:35.0897 6124        MTConfig - ok
15:41:35.0957 6124        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:41:35.0987 6124        Mup - ok
15:41:36.0067 6124        napagent        (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
15:41:36.0117 6124        napagent - ok
15:41:36.0257 6124        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:41:36.0317 6124        NativeWifiP - ok
15:41:36.0487 6124        NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:41:36.0517 6124        NDIS - ok
15:41:36.0697 6124        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:41:36.0767 6124        NdisCap - ok
15:41:36.0837 6124        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:41:36.0937 6124        NdisTapi - ok
15:41:37.0077 6124        Ndisuio        (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:41:37.0187 6124        Ndisuio - ok
15:41:37.0287 6124        NdisWan        (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:41:37.0357 6124        NdisWan - ok
15:41:37.0447 6124        NDProxy        (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:41:37.0507 6124        NDProxy - ok
15:41:37.0647 6124        Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
15:41:37.0707 6124        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:41:37.0707 6124        Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:41:37.0817 6124        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:41:37.0897 6124        NetBIOS - ok
15:41:37.0977 6124        NetBT          (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:41:38.0087 6124        NetBT - ok
15:41:38.0167 6124        Netlogon        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:41:38.0197 6124        Netlogon - ok
15:41:38.0347 6124        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:41:38.0417 6124        Netman - ok
15:41:38.0547 6124        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:41:38.0647 6124        netprofm - ok
15:41:38.0847 6124        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:41:38.0897 6124        NetTcpPortSharing - ok
15:41:38.0967 6124        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
15:41:38.0987 6124        nfrd960 - ok
15:41:39.0157 6124        NlaSvc          (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
15:41:39.0247 6124        NlaSvc - ok
15:41:39.0987 6124        NOBU            (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
15:41:40.0117 6124        NOBU - ok
15:41:40.0437 6124        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:41:40.0497 6124        Npfs - ok
15:41:40.0607 6124        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:41:40.0657 6124        nsi - ok
15:41:40.0697 6124        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:41:40.0737 6124        nsiproxy - ok
15:41:41.0527 6124        Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
15:41:41.0847 6124        Ntfs - ok
15:41:42.0397 6124        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:41:42.0447 6124        Null - ok
15:41:42.0587 6124        nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
15:41:42.0617 6124        nvraid - ok
15:41:42.0797 6124        nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
15:41:42.0827 6124        nvstor - ok
15:41:42.0887 6124        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:41:42.0907 6124        nv_agp - ok
15:41:42.0997 6124        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:41:43.0017 6124        ohci1394 - ok
15:41:43.0327 6124        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:41:43.0357 6124        ose - ok
15:41:44.0297 6124        osppsvc        (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:41:44.0657 6124        osppsvc - ok
15:41:45.0127 6124        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:41:45.0187 6124        p2pimsvc - ok
15:41:45.0317 6124        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:41:45.0357 6124        p2psvc - ok
15:41:45.0517 6124        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
15:41:45.0537 6124        Parport - ok
15:41:45.0597 6124        partmgr        (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
15:41:45.0627 6124        partmgr - ok
15:41:45.0797 6124        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:41:45.0837 6124        PcaSvc - ok
15:41:46.0117 6124        pci            (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
15:41:46.0137 6124        pci - ok
15:41:46.0177 6124        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:41:46.0197 6124        pciide - ok
15:41:46.0287 6124        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
15:41:46.0317 6124        pcmcia - ok
15:41:46.0507 6124        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:41:46.0557 6124        pcw - ok
15:41:46.0947 6124        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:41:47.0107 6124        PEAUTH - ok
15:41:47.0697 6124        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:41:47.0757 6124        PerfHost - ok
15:41:48.0347 6124        pla            (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
15:41:48.0577 6124        pla - ok
15:41:48.0817 6124        PlugPlay        (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
15:41:48.0977 6124        PlugPlay - ok
15:41:49.0197 6124        PMBDeviceInfoProvider (80e85394d8cd7f84340b1c6f4b9d698f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:41:49.0217 6124        PMBDeviceInfoProvider - ok
15:41:49.0437 6124        Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
15:41:49.0487 6124        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:41:49.0487 6124        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:41:49.0557 6124        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:41:49.0637 6124        PNRPAutoReg - ok
15:41:49.0767 6124        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:41:49.0807 6124        PNRPsvc - ok
15:41:49.0927 6124        Point64        (b23f79e41e30ed500586151a9ef27d8f) C:\Windows\system32\DRIVERS\point64.sys
15:41:49.0947 6124        Point64 - ok
15:41:50.0177 6124        PolicyAgent    (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
15:41:50.0257 6124        PolicyAgent - ok
15:41:50.0397 6124        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:41:50.0457 6124        Power - ok
15:41:50.0557 6124        PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:41:50.0657 6124        PptpMiniport - ok
15:41:50.0777 6124        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
15:41:50.0837 6124        Processor - ok
15:41:50.0897 6124        ProfSvc        (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
15:41:51.0007 6124        ProfSvc - ok
15:41:51.0067 6124        ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:41:51.0087 6124        ProtectedStorage - ok
15:41:51.0177 6124        Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:41:51.0217 6124        Psched - ok
15:41:51.0327 6124        PSI_SVC_2      (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:41:51.0347 6124        PSI_SVC_2 - ok
15:41:51.0497 6124        PxHlpa64        (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:41:51.0537 6124        PxHlpa64 - ok
15:41:51.0937 6124        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
15:41:52.0107 6124        ql2300 - ok
15:41:52.0517 6124        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
15:41:52.0547 6124        ql40xx - ok
15:41:52.0697 6124        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:41:52.0727 6124        QWAVE - ok
15:41:52.0847 6124        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:41:52.0907 6124        QWAVEdrv - ok
15:41:52.0977 6124        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:41:53.0087 6124        RasAcd - ok
15:41:53.0187 6124        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:41:53.0247 6124        RasAgileVpn - ok
15:41:53.0377 6124        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:41:53.0457 6124        RasAuto - ok
15:41:53.0607 6124        Rasl2tp        (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:41:53.0677 6124        Rasl2tp - ok
15:41:54.0387 6124        RasMan          (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
15:41:54.0457 6124        RasMan - ok
15:41:54.0507 6124        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:41:54.0567 6124        RasPppoe - ok
15:41:54.0587 6124        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:41:54.0647 6124        RasSstp - ok
15:41:54.0677 6124        rdbss          (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:41:54.0727 6124        rdbss - ok
15:41:54.0747 6124        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
15:41:54.0787 6124        rdpbus - ok
15:41:54.0807 6124        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:41:54.0847 6124        RDPCDD - ok
15:41:54.0887 6124        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:41:54.0937 6124        RDPENCDD - ok
15:41:54.0967 6124        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:41:55.0027 6124        RDPREFMP - ok
15:41:55.0157 6124        RDPWD          (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
15:41:55.0257 6124        RDPWD - ok
15:41:55.0307 6124        rdyboost        (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
15:41:55.0327 6124        rdyboost - ok
15:41:55.0347 6124        regi            (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
15:41:55.0347 6124        regi - ok
15:41:55.0427 6124        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:41:55.0487 6124        RemoteAccess - ok
15:41:55.0587 6124        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:41:55.0667 6124        RemoteRegistry - ok
15:41:55.0787 6124        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:41:55.0837 6124        RFCOMM - ok
15:41:56.0077 6124        rimspci        (fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys
15:41:56.0137 6124        rimspci - ok
15:41:56.0377 6124        risdsnpe        (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys
15:41:56.0437 6124        risdsnpe - ok
15:41:56.0507 6124        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:41:56.0577 6124        RpcEptMapper - ok
15:41:56.0647 6124        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:41:56.0657 6124        RpcLocator - ok
15:41:56.0817 6124        RpcSs          (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:41:56.0867 6124        RpcSs - ok
15:41:56.0997 6124        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:41:57.0067 6124        rspndr - ok
15:41:57.0207 6124        RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
15:41:57.0227 6124        RTHDMIAzAudService - ok
15:41:57.0477 6124        s217bus        (b49951a2c8fd81307707443d01936e37) C:\Windows\system32\DRIVERS\s217bus.sys
15:41:57.0497 6124        s217bus - ok
15:41:57.0557 6124        s217mdfl        (58204ec551d1a94d60cac130440f0feb) C:\Windows\system32\DRIVERS\s217mdfl.sys
15:41:57.0587 6124        s217mdfl - ok
15:41:57.0667 6124        s217mdm        (e2b3de89339a7a807520c6063cd146d3) C:\Windows\system32\DRIVERS\s217mdm.sys
15:41:57.0687 6124        s217mdm - ok
15:41:57.0747 6124        s217nd5        (7bc7d18351b846f4544b54db38fb4208) C:\Windows\system32\DRIVERS\s217nd5.sys
15:41:57.0757 6124        s217nd5 - ok
15:41:57.0847 6124        s217obex        (d498b2082f51858f121d4584a7787cd5) C:\Windows\system32\DRIVERS\s217obex.sys
15:41:57.0867 6124        s217obex - ok
15:41:57.0907 6124        s217unic        (43512d0c3a59eb20fda06ce4265a1549) C:\Windows\system32\DRIVERS\s217unic.sys
15:41:57.0927 6124        s217unic - ok
15:41:58.0077 6124        SamSs          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:41:58.0107 6124        SamSs - ok
15:41:58.0197 6124        sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
15:41:58.0227 6124        sbp2port - ok
15:41:58.0277 6124        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:41:58.0327 6124        SCardSvr - ok
15:41:58.0377 6124        scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:41:58.0497 6124        scfilter - ok
15:41:58.0737 6124        Schedule        (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
15:41:58.0827 6124        Schedule - ok
15:41:58.0857 6124        SCPolicySvc    (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:41:58.0907 6124        SCPolicySvc - ok
15:41:58.0987 6124        sdbus          (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys
15:41:59.0067 6124        sdbus - ok
15:41:59.0137 6124        SDRSVC          (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
15:41:59.0227 6124        SDRSVC - ok
15:41:59.0247 6124        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:41:59.0307 6124        secdrv - ok
15:41:59.0377 6124        seclogon        (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
15:41:59.0457 6124        seclogon - ok
15:41:59.0477 6124        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:41:59.0527 6124        SENS - ok
15:41:59.0567 6124        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:41:59.0637 6124        SensrSvc - ok
15:41:59.0697 6124        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
15:41:59.0737 6124        Serenum - ok
15:41:59.0957 6124        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
15:42:00.0007 6124        Serial - ok
15:42:00.0117 6124        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
15:42:00.0167 6124        sermouse - ok
15:42:00.0247 6124        SessionEnv      (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
15:42:00.0307 6124        SessionEnv - ok
15:42:00.0397 6124        SFEP            (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
15:42:00.0467 6124        SFEP - ok
15:42:00.0527 6124        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:42:00.0567 6124        sffdisk - ok
15:42:00.0597 6124        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:42:00.0637 6124        sffp_mmc - ok
15:42:00.0647 6124        sffp_sd        (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
15:42:00.0687 6124        sffp_sd - ok
15:42:00.0747 6124        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
15:42:00.0767 6124        sfloppy - ok
15:42:00.0837 6124        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:42:00.0917 6124        SharedAccess - ok
15:42:01.0167 6124        ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
15:42:01.0207 6124        ShellHWDetection - ok
15:42:01.0257 6124        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
15:42:01.0277 6124        SiSRaid2 - ok
15:42:01.0387 6124        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:42:01.0417 6124        SiSRaid4 - ok
15:42:01.0467 6124        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:42:01.0537 6124        Smb - ok
15:42:01.0617 6124        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:42:01.0647 6124        SNMPTRAP - ok
15:42:01.0967 6124        SOHCImp        (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:42:01.0997 6124        SOHCImp - ok
15:42:02.0217 6124        SOHDms          (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:42:02.0267 6124        SOHDms - ok
15:42:02.0297 6124        SOHDs          (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:42:02.0317 6124        SOHDs - ok
15:42:02.0537 6124        Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
15:42:02.0567 6124        Sony PC Companion - ok
15:42:02.0977 6124        SpfService      (5449fc97476f52e027409e703791e6a9) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
15:42:03.0017 6124        SpfService - ok
15:42:03.0097 6124        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:42:03.0107 6124        spldr - ok
15:42:03.0327 6124        Spooler        (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
15:42:03.0387 6124        Spooler - ok
15:42:03.0777 6124        sppsvc          (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
15:42:03.0907 6124        sppsvc - ok
15:42:04.0247 6124        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:42:04.0307 6124        sppuinotify - ok
15:42:04.0437 6124        srv            (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
15:42:04.0507 6124        srv - ok
15:42:04.0647 6124        srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
15:42:04.0677 6124        srv2 - ok
15:42:04.0807 6124        srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
15:42:04.0857 6124        srvnet - ok
15:42:04.0997 6124        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:42:05.0127 6124        SSDPSRV - ok
15:42:05.0177 6124        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:42:05.0207 6124        SstpSvc - ok
15:42:05.0397 6124        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:42:05.0437 6124        stexstor - ok
15:42:05.0517 6124        stisvc          (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
15:42:05.0567 6124        stisvc - ok
15:42:05.0597 6124        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:42:05.0607 6124        swenum - ok
15:42:05.0707 6124        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:42:05.0757 6124        swprv - ok
15:42:06.0057 6124        SysMain        (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
15:42:06.0157 6124        SysMain - ok
15:42:06.0387 6124        TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
15:42:06.0427 6124        TabletInputService - ok
15:42:06.0617 6124        TapiSrv        (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
15:42:06.0707 6124        TapiSrv - ok
15:42:06.0747 6124        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:42:06.0797 6124        TBS - ok
15:42:06.0977 6124        Tcpip          (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
15:42:07.0067 6124        Tcpip - ok
15:42:07.0627 6124        TCPIP6          (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
15:42:07.0667 6124        TCPIP6 - ok
15:42:07.0877 6124        tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:42:07.0937 6124        tcpipreg - ok
15:42:07.0977 6124        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:42:08.0067 6124        TDPIPE - ok
15:42:08.0127 6124        TDTCP          (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
15:42:08.0177 6124        TDTCP - ok
15:42:08.0217 6124        tdx            (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:42:08.0277 6124        tdx - ok
15:42:08.0387 6124        TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
15:42:08.0407 6124        TermDD - ok
15:42:08.0857 6124        TermService    (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
15:42:08.0937 6124        TermService - ok
15:42:09.0047 6124        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:42:09.0077 6124        Themes - ok
15:42:09.0117 6124        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:42:09.0147 6124        THREADORDER - ok
15:42:09.0237 6124        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:42:09.0297 6124        TrkWks - ok
15:42:09.0497 6124        truecrypt      (c6a1a2b4e8a7b92c11ca038369bd7dbe) C:\Windows\syswow64\drivers\truecrypt.sys
15:42:09.0517 6124        truecrypt - ok
15:42:09.0557 6124        TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
15:42:09.0597 6124        TrustedInstaller - ok
15:42:09.0677 6124        tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:42:09.0717 6124        tssecsrv - ok
15:42:09.0757 6124        tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:42:09.0827 6124        tunnel - ok
15:42:09.0857 6124        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:42:09.0887 6124        uagp35 - ok
15:42:09.0967 6124        uCamMonitor    (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:42:09.0987 6124        uCamMonitor - ok
15:42:10.0037 6124        udfs            (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
15:42:10.0117 6124        udfs - ok
15:42:10.0147 6124        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:42:10.0167 6124        UI0Detect - ok
15:42:10.0207 6124        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:42:10.0217 6124        uliagpkx - ok
15:42:10.0297 6124        umbus          (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:42:10.0337 6124        umbus - ok
15:42:10.0377 6124        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
15:42:10.0387 6124        UmPass - ok
15:42:10.0667 6124        UNS            (11a559e0f10cc5e788984023df400a6f) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:42:10.0767 6124        UNS - ok
15:42:10.0917 6124        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:42:10.0977 6124        upnphost - ok
15:42:11.0067 6124        usbccgp        (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
15:42:11.0127 6124        usbccgp - ok
15:42:11.0187 6124        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:42:11.0237 6124        usbcir - ok
15:42:11.0277 6124        usbehci        (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
15:42:11.0297 6124        usbehci - ok
15:42:11.0347 6124        usbhub          (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
15:42:11.0397 6124        usbhub - ok
15:42:11.0427 6124        usbohci        (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
15:42:11.0447 6124        usbohci - ok
15:42:11.0487 6124        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:42:11.0527 6124        usbprint - ok
15:42:11.0557 6124        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:42:11.0577 6124        usbscan - ok
15:42:11.0607 6124        USBSTOR        (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:42:11.0697 6124        USBSTOR - ok
15:42:11.0727 6124        usbuhci        (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
15:42:11.0757 6124        usbuhci - ok
15:42:11.0857 6124        usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
15:42:11.0937 6124        usbvideo - ok
15:42:11.0967 6124        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:42:11.0997 6124        UxSms - ok
15:42:12.0107 6124        VAIO Event Service (a60605fc66552b421ee1f3d4ebb9a4e0) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
15:42:12.0117 6124        VAIO Event Service - ok
15:42:12.0307 6124        VAIO Power Management (d469be2723f79cf4b384680b1fdc577d) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
15:42:12.0337 6124        VAIO Power Management - ok
15:42:12.0417 6124        VaultSvc        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:42:12.0427 6124        VaultSvc - ok
15:42:12.0517 6124        VBTUSB          (70a90412f0ae18021794a0754c2d6299) C:\Windows\system32\Drivers\VBTUSB.sys
15:42:12.0527 6124        VBTUSB ( UnsignedFile.Multi.Generic ) - warning
15:42:12.0527 6124        VBTUSB - detected UnsignedFile.Multi.Generic (1)
15:42:12.0677 6124        VCFw            (96efa2698d6b9e2931609a3ea73fc5dc) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
15:42:12.0697 6124        VCFw - ok
15:42:12.0857 6124        VcmIAlzMgr      (7bebf6a5285ffc03c34a7297a4e177cb) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
15:42:12.0917 6124        VcmIAlzMgr - ok
15:42:12.0967 6124        VcmINSMgr      (e005b04dfca99f5880c5111933194ca9) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
15:42:12.0997 6124        VcmINSMgr - ok
15:42:13.0097 6124        VcmXmlIfHelper  (829a32fd1334f72429ca0515760eb7a7) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
15:42:13.0107 6124        VcmXmlIfHelper - ok
15:42:13.0207 6124        VCService      (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
15:42:13.0217 6124        VCService - ok
15:42:13.0447 6124        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:42:13.0457 6124        vdrvroot - ok
15:42:13.0527 6124        vds            (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
15:42:13.0547 6124        vds - ok
15:42:13.0597 6124        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:42:13.0637 6124        vga - ok
15:42:13.0637 6124        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:42:13.0707 6124        VgaSave - ok
15:42:13.0757 6124        vhdmp          (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
15:42:13.0787 6124        vhdmp - ok
15:42:13.0827 6124        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:42:13.0837 6124        viaide - ok
15:42:13.0887 6124        volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
15:42:13.0907 6124        volmgr - ok
15:42:13.0987 6124        volmgrx        (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:42:14.0037 6124        volmgrx - ok
15:42:14.0127 6124        volsnap        (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
15:42:14.0147 6124        volsnap - ok
15:42:14.0267 6124        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
15:42:14.0287 6124        vsmraid - ok
15:42:14.0777 6124        VSNService      (a7eb62c664a03901165290a714bd48d0) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
15:42:14.0807 6124        VSNService ( UnsignedFile.Multi.Generic ) - warning
15:42:14.0807 6124        VSNService - detected UnsignedFile.Multi.Generic (1)
15:42:14.0967 6124        VSS            (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
15:42:15.0007 6124        VSS - ok
15:42:15.0247 6124        VUAgent        (d62d16e057be87f5b84a54d1b83822c4) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
15:42:15.0277 6124        VUAgent - ok
15:42:15.0487 6124        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:42:15.0497 6124        vwifibus - ok
15:42:15.0537 6124        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:42:15.0597 6124        vwififlt - ok
15:42:15.0667 6124        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:42:15.0707 6124        W32Time - ok
15:42:15.0737 6124        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
15:42:15.0767 6124        WacomPen - ok
15:42:15.0837 6124        WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:42:15.0877 6124        WANARP - ok
15:42:15.0877 6124        Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:42:15.0917 6124        Wanarpv6 - ok
15:42:16.0067 6124        wbengine        (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
15:42:16.0137 6124        wbengine - ok
15:42:16.0297 6124        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:42:16.0327 6124        WbioSrvc - ok
15:42:16.0377 6124        wcncsvc        (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
15:42:16.0457 6124        wcncsvc - ok
15:42:16.0487 6124        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:42:16.0547 6124        WcsPlugInService - ok
15:42:16.0607 6124        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
15:42:16.0617 6124        Wd - ok
15:42:16.0707 6124        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:42:16.0737 6124        Wdf01000 - ok
15:42:16.0757 6124        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:42:16.0797 6124        WdiServiceHost - ok
15:42:16.0797 6124        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:42:16.0817 6124        WdiSystemHost - ok
15:42:16.0867 6124        WebClient      (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
15:42:16.0917 6124        WebClient - ok
15:42:16.0977 6124        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:42:17.0027 6124        Wecsvc - ok
15:42:17.0077 6124        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:42:17.0137 6124        wercplsupport - ok
15:42:17.0187 6124        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:42:17.0237 6124        WerSvc - ok
15:42:17.0417 6124        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:42:17.0457 6124        WfpLwf - ok
15:42:17.0537 6124        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:42:17.0557 6124        WIMMount - ok
15:42:17.0737 6124        WinDefend - ok
15:42:17.0747 6124        WinHttpAutoProxySvc - ok
15:42:18.0027 6124        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:42:18.0087 6124        Winmgmt - ok
15:42:18.0587 6124        WinRM          (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
15:42:18.0717 6124        WinRM - ok
15:42:18.0887 6124        WinUsb          (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
15:42:18.0907 6124        WinUsb - ok
15:42:18.0987 6124        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:42:19.0017 6124        Wlansvc - ok
15:42:19.0057 6124        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:42:19.0067 6124        WmiAcpi - ok
15:42:19.0127 6124        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:42:19.0177 6124        wmiApSrv - ok
15:42:19.0227 6124        WMPNetworkSvc - ok
15:42:19.0267 6124        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:42:19.0317 6124        WPCSvc - ok
15:42:19.0337 6124        WPDBusEnum      (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
15:42:19.0397 6124        WPDBusEnum - ok
15:42:19.0417 6124        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:42:19.0477 6124        ws2ifsl - ok
15:42:19.0527 6124        wscsvc          (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
15:42:19.0597 6124        wscsvc - ok
15:42:19.0597 6124        WSearch - ok
15:42:19.0767 6124        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:42:19.0837 6124        wuauserv - ok
15:42:19.0997 6124        WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:42:20.0037 6124        WudfPf - ok
15:42:20.0267 6124        WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:42:20.0327 6124        WUDFRd - ok
15:42:20.0357 6124        wudfsvc        (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
15:42:20.0407 6124        wudfsvc - ok
15:42:20.0447 6124        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:42:20.0497 6124        WwanSvc - ok
15:42:20.0587 6124        yukonw7        (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys
15:42:20.0597 6124        yukonw7 - ok
15:42:20.0667 6124        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:42:21.0347 6124        \Device\Harddisk0\DR0 - ok
15:42:21.0367 6124        Boot (0x1200)  (afb50ac67b2958360cae28bac7bd7f1b) \Device\Harddisk0\DR0\Partition0
15:42:21.0377 6124        \Device\Harddisk0\DR0\Partition0 - ok
15:42:21.0387 6124        Boot (0x1200)  (8a6dc18ba0564a73262625f882328fae) \Device\Harddisk0\DR0\Partition1
15:42:21.0387 6124        \Device\Harddisk0\DR0\Partition1 - ok
15:42:21.0387 6124        ============================================================
15:42:21.0387 6124        Scan finished
15:42:21.0387 6124        ============================================================
15:42:21.0397 6576        Detected object count: 11
15:42:21.0397 6576        Actual detected object count: 11
15:42:57.0527 6576        hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0527 6576        hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0527 6576        hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0527 6576        hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576        HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576        HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576        igfx ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576        igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576        IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576        IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576        Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576        Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0547 6576        VBTUSB ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0547 6576        VBTUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0547 6576        VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0547 6576        VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:43:14.0663 6920        ============================================================
15:43:14.0663 6920        Scan started
15:43:14.0663 6920        Mode: Manual; SigCheck; TDLFS;
15:43:14.0663 6920        ============================================================
15:43:15.0630 6920        1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys
15:43:15.0692 6920        1394ohci - ok
15:43:15.0755 6920        6077757b        (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
15:43:15.0770 6920        6077757b - ok
15:43:15.0989 6920        ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:43:16.0004 6920        ACDaemon - ok
15:43:16.0223 6920        ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys
15:43:16.0238 6920        ACPI - ok
15:43:16.0285 6920        AcpiPmi        (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys
15:43:16.0301 6920        AcpiPmi - ok
15:43:16.0597 6920        AdobeActiveFileMonitor8.0 (34400005de52842c4d6d4ee978b4d7ce) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
15:43:16.0613 6920        AdobeActiveFileMonitor8.0 - ok
15:43:17.0627 6920        AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:43:17.0642 6920        AdobeFlashPlayerUpdateSvc - ok
15:43:17.0814 6920        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
15:43:17.0845 6920        adp94xx - ok
15:43:18.0656 6920        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
15:43:18.0687 6920        adpahci - ok
15:43:18.0843 6920        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
15:43:18.0875 6920        adpu320 - ok
15:43:18.0937 6920        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:43:18.0999 6920        AeLookupSvc - ok
15:43:19.0639 6920        AFD            (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
15:43:19.0670 6920        AFD - ok
15:43:19.0733 6920        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:43:19.0748 6920        agp440 - ok
15:43:19.0920 6920        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:43:19.0951 6920        ALG - ok
15:43:19.0998 6920        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:43:20.0013 6920        aliide - ok
15:43:20.0325 6920        AMD External Events Utility (3f9b03b72577a6a7405bf30801cbd159) C:\Windows\system32\atiesrxx.exe
15:43:20.0341 6920        AMD External Events Utility - ok
15:43:20.0419 6920        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:43:20.0435 6920        amdide - ok
15:43:20.0700 6920        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
15:43:20.0715 6920        AmdK8 - ok
15:43:24.0912 6920        amdkmdag        (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
15:43:25.0099 6920        amdkmdag - ok
15:43:25.0739 6920        amdkmdap        (dca6e341a4a7c31ea8a14c6166c9b249) C:\Windows\system32\DRIVERS\atikmpag.sys
15:43:25.0770 6920        amdkmdap - ok
15:43:25.0832 6920        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
15:43:25.0863 6920        AmdPPM - ok
15:43:26.0113 6920        amdsata        (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
15:43:26.0144 6920        amdsata - ok
15:43:26.0238 6920        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
15:43:26.0269 6920        amdsbs - ok
15:43:26.0316 6920        amdxata        (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
15:43:26.0316 6920        amdxata - ok
15:43:26.0628 6920        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:43:26.0643 6920        AntiVirSchedulerService - ok
15:43:26.0721 6920        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:43:26.0737 6920        AntiVirService - ok
15:43:26.0987 6920        ApfiltrService  (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\drivers\Apfiltr.sys
15:43:27.0018 6920        ApfiltrService - ok
15:43:27.0143 6920        AppID          (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
15:43:27.0174 6920        AppID - ok
15:43:27.0283 6920        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:43:27.0345 6920        AppIDSvc - ok
15:43:27.0486 6920        Appinfo        (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
15:43:27.0501 6920        Appinfo - ok
15:43:27.0579 6920        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
15:43:27.0595 6920        arc - ok
15:43:27.0767 6920        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
15:43:27.0798 6920        arcsas - ok
15:43:27.0829 6920        ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:43:27.0845 6920        ArcSoftKsUFilter - ok
15:43:27.0907 6920        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:43:27.0954 6920        AsyncMac - ok
15:43:28.0016 6920        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:43:28.0032 6920        atapi - ok
15:43:28.0640 6920        athr            (cca705cdf038d5bc243203ce4416b345) C:\Windows\system32\DRIVERS\athrx.sys
15:43:28.0718 6920        athr - ok
15:43:34.0740 6920        atikmdag        (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
15:43:34.0818 6920        atikmdag - ok
15:43:35.0723 6920        AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:43:35.0769 6920        AudioEndpointBuilder - ok
15:43:35.0785 6920        AudioSrv        (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:43:35.0816 6920        AudioSrv - ok
15:43:36.0035 6920        avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
15:43:36.0050 6920        avgntflt - ok
15:43:36.0175 6920        avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
15:43:36.0191 6920        avipbb - ok
15:43:36.0237 6920        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
15:43:36.0253 6920        avkmgr - ok
15:43:36.0378 6920        AxInstSV        (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
15:43:36.0409 6920        AxInstSV - ok
15:43:37.0345 6920        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
15:43:37.0392 6920        b06bdrv - ok
15:43:37.0673 6920        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:43:37.0704 6920        b57nd60a - ok
15:43:37.0860 6920        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:43:37.0875 6920        BDESVC - ok
15:43:37.0907 6920        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:43:37.0953 6920        Beep - ok
15:43:38.0546 6920        BFE            (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
15:43:38.0640 6920        BFE - ok
15:43:38.0936 6920        BITS            (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
15:43:39.0030 6920        BITS - ok
15:43:39.0217 6920        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
15:43:39.0233 6920        blbdrive - ok
15:43:39.0326 6920        bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
15:43:39.0357 6920        bowser - ok
15:43:39.0435 6920        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
15:43:39.0451 6920        BrFiltLo - ok
15:43:39.0529 6920        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
15:43:39.0545 6920        BrFiltUp - ok
15:43:39.0685 6920        Browser        (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
15:43:39.0732 6920        Browser - ok
15:43:39.0997 6920        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:43:40.0028 6920        Brserid - ok
15:43:40.0169 6920        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:43:40.0200 6920        BrSerWdm - ok
15:43:40.0231 6920        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:43:40.0262 6920        BrUsbMdm - ok
15:43:40.0325 6920        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:43:40.0356 6920        BrUsbSer - ok
15:43:40.0403 6920        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
15:43:40.0434 6920        BthEnum - ok
15:43:40.0559 6920        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:43:40.0590 6920        BTHMODEM - ok
15:43:40.0839 6920        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
15:43:40.0871 6920        BthPan - ok
15:43:41.0417 6920        BTHPORT        (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
15:43:41.0463 6920        BTHPORT - ok
15:43:41.0557 6920        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:43:41.0604 6920        bthserv - ok
15:43:41.0744 6920        BTHUSB          (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
15:43:41.0760 6920        BTHUSB - ok
15:43:41.0885 6920        btwampfl        (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys
15:43:41.0916 6920        btwampfl - ok
15:43:42.0165 6920        btwaudio        (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys
15:43:42.0181 6920        btwaudio - ok
15:43:42.0399 6920        btwavdt        (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\DRIVERS\btwavdt.sys
15:43:42.0415 6920        btwavdt - ok
15:43:42.0930 6920        btwdins        (8ba6e93a182126781952a7895ec1e4b2) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:43:42.0992 6920        btwdins - ok
15:43:43.0055 6920        btwl2cap        (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
15:43:43.0070 6920        btwl2cap - ok
15:43:43.0195 6920        btwrchid        (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys
15:43:43.0211 6920        btwrchid - ok
15:43:43.0289 6920        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:43:43.0335 6920        cdfs - ok
15:43:43.0710 6920        cdrom          (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
15:43:43.0725 6920        cdrom - ok
15:43:43.0897 6920        CertPropSvc    (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:43:43.0959 6920        CertPropSvc - ok
15:43:44.0037 6920        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
15:43:44.0053 6920        circlass - ok
15:43:44.0381 6920        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:43:44.0396 6920        CLFS - ok
15:43:44.0693 6920        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:43:44.0708 6920        clr_optimization_v2.0.50727_32 - ok
15:43:44.0849 6920        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:43:44.0864 6920        clr_optimization_v2.0.50727_64 - ok
15:43:45.0098 6920        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:43:45.0114 6920        clr_optimization_v4.0.30319_32 - ok
15:43:45.0395 6920        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:43:45.0410 6920        clr_optimization_v4.0.30319_64 - ok
15:43:45.0473 6920        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
15:43:45.0504 6920        CmBatt - ok
15:43:45.0582 6920        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:43:45.0597 6920        cmdide - ok
15:43:45.0707 6920        CNG            (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
15:43:45.0738 6920        CNG - ok
15:43:45.0816 6920        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
15:43:45.0831 6920        Compbatt - ok
15:43:45.0909 6920        CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
15:43:45.0925 6920        CompositeBus - ok
15:43:45.0925 6920        COMSysApp - ok
15:43:45.0956 6920        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
15:43:45.0972 6920        crcdisk - ok
15:43:46.0253 6920        CryptSvc        (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
15:43:46.0284 6920        CryptSvc - ok
15:43:46.0346 6920        dc3d            (23d4b856725f5fc3c4f410c150ab107b) C:\Windows\system32\DRIVERS\dc3d.sys
15:43:46.0362 6920        dc3d - ok
15:43:46.0502 6920        DcomLaunch      (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:43:46.0565 6920        DcomLaunch - ok
15:43:46.0658 6920        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:43:46.0721 6920        defragsvc - ok
15:43:46.0877 6920        DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
15:43:46.0908 6920        DfsC - ok
15:43:47.0204 6920        Dhcp            (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
15:43:47.0251 6920        Dhcp - ok
15:43:47.0329 6920        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:43:47.0376 6920        discache - ok
15:43:47.0469 6920        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
15:43:47.0485 6920        Disk - ok
15:43:47.0672 6920        Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
15:43:47.0703 6920        Dnscache - ok
15:43:48.0327 6920        dot3svc        (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
15:43:48.0390 6920        dot3svc - ok
15:43:48.0499 6920        Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
15:43:48.0530 6920        Dot4 - ok
15:43:48.0577 6920        Dot4Print      (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:43:48.0593 6920        Dot4Print - ok
15:43:48.0686 6920        dot4usb        (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
15:43:48.0717 6920        dot4usb - ok
15:43:49.0029 6920        DPS            (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
15:43:49.0092 6920        DPS - ok
15:43:49.0170 6920        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:43:49.0201 6920        drmkaud - ok
15:43:49.0497 6920        DXGKrnl        (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
15:43:49.0513 6920        DXGKrnl - ok
15:43:49.0669 6920        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:43:49.0716 6920        EapHost - ok
15:43:51.0759 6920        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
15:43:51.0822 6920        ebdrv - ok
15:43:52.0352 6920        EFS            (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
15:43:52.0383 6920        EFS - ok
15:43:53.0195 6920        ehRecvr        (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
15:43:53.0226 6920        ehRecvr - ok
15:43:53.0413 6920        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:43:53.0429 6920        ehSched - ok
15:43:54.0193 6920        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
15:43:54.0224 6920        elxstor - ok
15:43:54.0255 6920        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:43:54.0271 6920        ErrDev - ok
15:43:54.0583 6920        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:43:54.0645 6920        EventSystem - ok
15:43:54.0739 6920        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:43:54.0770 6920        exfat - ok
15:43:54.0942 6920        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:43:54.0989 6920        fastfat - ok
15:43:55.0722 6920        Fax            (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
15:43:55.0784 6920        Fax - ok
15:43:55.0878 6920        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
15:43:55.0893 6920        fdc - ok
15:43:55.0971 6920        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:43:56.0034 6920        fdPHost - ok
15:43:56.0127 6920        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:43:56.0190 6920        FDResPub - ok
15:43:56.0315 6920        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:43:56.0346 6920        FileInfo - ok
15:43:56.0377 6920        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:43:56.0408 6920        Filetrace - ok
15:43:56.0736 6920        FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:43:56.0767 6920        FLEXnet Licensing Service - ok
15:43:56.0861 6920        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
15:43:56.0876 6920        flpydisk - ok
15:43:56.0985 6920        FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
15:43:57.0017 6920        FltMgr - ok
15:43:58.0062 6920        FontCache      (97223981a9214f1b4997e9075abb6bf5) C:\Windows\system32\FntCache.dll
15:43:58.0124 6920        FontCache - ok
15:43:58.0358 6920        FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:43:58.0374 6920        FontCache3.0.0.0 - ok
15:43:58.0545 6920        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:43:58.0561 6920        FsDepends - ok
15:43:58.0608 6920        Fs_Rec          (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
15:43:58.0623 6920        Fs_Rec - ok
15:43:58.0717 6920        fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:43:58.0733 6920        fvevol - ok
15:43:58.0795 6920        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
15:43:58.0811 6920        gagp30kx - ok
15:43:58.0873 6920        ggflt          (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
15:43:58.0889 6920        ggflt - ok
15:43:58.0951 6920        ggsemc          (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
15:43:58.0967 6920        ggsemc - ok
15:43:59.0669 6920        gpsvc          (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
15:43:59.0747 6920        gpsvc - ok
15:43:59.0856 6920        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:43:59.0871 6920        hcw85cir - ok
15:44:00.0137 6920        HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:44:00.0168 6920        HdAudAddService - ok
15:44:00.0355 6920        HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
15:44:00.0371 6920        HDAudBus - ok
15:44:00.0433 6920        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
15:44:00.0449 6920        HECIx64 - ok
15:44:00.0589 6920        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
15:44:00.0605 6920        HidBatt - ok
15:44:00.0823 6920        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
15:44:00.0854 6920        HidBth - ok
15:44:00.0885 6920        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
15:44:00.0901 6920        HidIr - ok
15:44:00.0932 6920        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:44:00.0979 6920        hidserv - ok
15:44:01.0041 6920        HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
15:44:01.0057 6920        HidUsb - ok
15:44:01.0307 6920        hkmsvc          (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
15:44:01.0369 6920        hkmsvc - ok
15:44:01.0478 6920        HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
15:44:01.0525 6920        HomeGroupListener - ok
15:44:01.0743 6920        HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
15:44:01.0775 6920        HomeGroupProvider - ok
15:44:02.0071 6920        hpqcxs08        (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:44:02.0087 6920        hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
15:44:02.0087 6920        hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
15:44:02.0165 6920        hpqddsvc        (75cc8c5146a3fb76221a7606628778d5) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:44:02.0180 6920        hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
15:44:02.0180 6920        hpqddsvc - detected UnsignedFile.Multi.Generic (1)
15:44:02.0305 6920        HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
15:44:02.0321 6920        HpSAMD - ok
15:44:02.0960 6920        HPSLPSVC        (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:44:03.0023 6920        HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
15:44:03.0023 6920        HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
15:44:04.0380 6920        HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
15:44:04.0442 6920        HTTP - ok
15:44:04.0473 6920        hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
15:44:04.0520 6920        hwpolicy - ok
15:44:04.0707 6920        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:44:04.0723 6920        i8042prt - ok
15:44:04.0926 6920        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
15:44:04.0973 6920        iaStor - ok
15:44:05.0253 6920        IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:44:05.0269 6920        IAStorDataMgrSvc - ok
15:44:05.0659 6920        iaStorV        (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
15:44:05.0690 6920        iaStorV - ok
15:44:05.0831 6920        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:44:05.0831 6920        IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:44:05.0831 6920        IDriverT - detected UnsignedFile.Multi.Generic (1)
15:44:06.0127 6920        idsvc          (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:44:06.0158 6920        idsvc - ok
15:44:13.0319 6920        igfx            (2a22ab054f4630d2ef4bab2853f6d5f6) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:44:13.0428 6920        igfx ( UnsignedFile.Multi.Generic ) - warning
15:44:13.0428 6920        igfx - detected UnsignedFile.Multi.Generic (1)
15:44:14.0208 6920        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
15:44:14.0223 6920        iirsp - ok
15:44:14.0910 6920        IKEEXT          (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
15:44:15.0003 6920        IKEEXT - ok
15:44:15.0222 6920        Impcd          (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
15:44:15.0284 6920        Impcd - ok
15:44:17.0983 6920        IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\Windows\system32\drivers\RTKVHD64.sys
15:44:18.0077 6920        IntcAzAudAddService - ok
15:44:20.0167 6920        IntcDAud        (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
15:44:20.0167 6920        IntcDAud ( UnsignedFile.Multi.Generic ) - warning
15:44:20.0167 6920        IntcDAud - detected UnsignedFile.Multi.Generic (1)
15:44:20.0245 6920        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:44:20.0276 6920        intelide - ok
15:44:20.0401 6920        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
15:44:20.0417 6920        intelppm - ok
15:44:20.0666 6920        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:44:20.0713 6920        IPBusEnum - ok
15:44:20.0885 6920        IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:44:20.0947 6920        IpFilterDriver - ok
15:44:21.0680 6920        iphlpsvc        (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
15:44:21.0774 6920        iphlpsvc - ok
15:44:21.0899 6920        IPMIDRV        (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
15:44:21.0914 6920        IPMIDRV - ok
15:44:22.0164 6920        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:44:22.0211 6920        IPNAT - ok
15:44:22.0273 6920        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:44:22.0304 6920        IRENUM - ok
15:44:22.0367 6920        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:44:22.0398 6920        isapnp - ok
15:44:22.0679 6920        iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
15:44:22.0694 6920        iScsiPrt - ok
15:44:22.0975 6920        IviRegMgr      (213822072085b5bbad9af30ab577d817) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:44:22.0991 6920        IviRegMgr - ok
15:44:23.0100 6920        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:44:23.0115 6920        kbdclass - ok
15:44:23.0225 6920        kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
15:44:23.0256 6920        kbdhid - ok
15:44:23.0318 6920        KeyIso          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:44:23.0334 6920        KeyIso - ok
15:44:23.0396 6920        KSecDD          (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
15:44:23.0412 6920        KSecDD - ok
15:44:23.0817 6920        KSecPkg        (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
15:44:23.0833 6920        KSecPkg - ok
15:44:23.0911 6920        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:44:23.0958 6920        ksthunk - ok
15:44:24.0067 6920        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:44:24.0098 6920        KtmRm - ok
15:44:24.0223 6920        LanmanServer    (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
15:44:24.0254 6920        LanmanServer - ok
15:44:24.0441 6920        LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
15:44:24.0488 6920        LanmanWorkstation - ok
15:44:24.0535 6920        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:44:24.0566 6920        lltdio - ok
15:44:24.0691 6920        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:44:24.0753 6920        lltdsvc - ok
15:44:24.0800 6920        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:44:24.0863 6920        lmhosts - ok
15:44:25.0253 6920        LMS            (3d23191672d83e90d1cf63927ee98136) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:44:25.0268 6920        LMS - ok
15:44:25.0596 6920        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
15:44:25.0611 6920        LSI_FC - ok
15:44:25.0752 6920        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
15:44:25.0767 6920        LSI_SAS - ok
15:44:25.0908 6920        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
15:44:25.0923 6920        LSI_SAS2 - ok
15:44:25.0986 6920        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
15:44:26.0017 6920        LSI_SCSI - ok
15:44:26.0220 6920        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:44:26.0282 6920        luafv - ok
15:44:26.0360 6920        MBAMProtector  (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:44:26.0376 6920        MBAMProtector - ok
15:44:27.0546 6920        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:44:27.0608 6920        MBAMService - ok
15:44:27.0795 6920        Mcx2Svc        (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
15:44:27.0811 6920        Mcx2Svc - ok
15:44:27.0905 6920        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
15:44:27.0920 6920        megasas - ok
15:44:28.0326 6920        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
15:44:28.0357 6920        MegaSR - ok
15:44:28.0497 6920        Megatech-Software-Protection (68b005af0bc4f8823eab5b105a40cc28) C:\Megatech\MProtect\MPSERV.EXE
15:44:28.0513 6920        Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - warning
15:44:28.0513 6920        Megatech-Software-Protection - detected UnsignedFile.Multi.Generic (1)
15:44:28.0669 6920        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:44:28.0716 6920        MMCSS - ok
15:44:28.0825 6920        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:44:28.0872 6920        Modem - ok
15:44:28.0981 6920        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:44:29.0012 6920        monitor - ok
15:44:29.0059 6920        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:44:29.0075 6920        mouclass - ok
15:44:29.0168 6920        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:44:29.0199 6920        mouhid - ok
15:44:29.0387 6920        mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
15:44:29.0418 6920        mountmgr - ok
15:44:29.0761 6920        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:44:29.0777 6920        MozillaMaintenance - ok
15:44:29.0933 6920        mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
15:44:29.0964 6920        mpio - ok
15:44:30.0089 6920        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:44:30.0151 6920        mpsdrv - ok
15:44:30.0416 6920        MpsSvc          (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
15:44:30.0494 6920        MpsSvc - ok
15:44:30.0619 6920        MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
15:44:30.0650 6920        MRxDAV - ok
15:44:31.0227 6920        mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:44:31.0259 6920        mrxsmb - ok
15:44:31.0399 6920        mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:44:31.0430 6920        mrxsmb10 - ok
15:44:31.0508 6920        mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:44:31.0524 6920        mrxsmb20 - ok
15:44:31.0617 6920        msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
15:44:31.0633 6920        msahci - ok
15:44:31.0773 6920        msdsm          (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
15:44:31.0789 6920        msdsm - ok
15:44:31.0867 6920        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:44:31.0883 6920        MSDTC - ok
15:44:31.0929 6920        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:44:31.0976 6920        Msfs - ok
15:44:32.0007 6920        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:44:32.0085 6920        mshidkmdf - ok
15:44:32.0179 6920        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:44:32.0195 6920        msisadrv - ok
15:44:32.0273 6920        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:44:32.0319 6920        MSiSCSI - ok
15:44:32.0335 6920        msiserver - ok
15:44:32.0397 6920        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:44:32.0444 6920        MSKSSRV - ok
15:44:32.0475 6920        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:44:32.0507 6920        MSPCLOCK - ok
15:44:32.0538 6920        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:44:32.0616 6920        MSPQM - ok
15:44:32.0819 6920        MsRPC          (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:44:32.0850 6920        MsRPC - ok
15:44:32.0943 6920        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:44:32.0959 6920        mssmbios - ok
15:44:33.0006 6920        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:44:33.0084 6920        MSTEE - ok
15:44:33.0162 6920        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
15:44:33.0177 6920        MTConfig - ok
15:44:33.0271 6920        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:44:33.0302 6920        Mup - ok
15:44:33.0427 6920        napagent        (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
15:44:33.0474 6920        napagent - ok
15:44:33.0645 6920        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:44:33.0677 6920        NativeWifiP - ok
15:44:33.0973 6920        NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:44:34.0035 6920        NDIS - ok
15:44:34.0082 6920        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:44:34.0113 6920        NdisCap - ok
15:44:34.0160 6920        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:44:34.0207 6920        NdisTapi - ok
15:44:34.0332 6920        Ndisuio        (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:44:34.0379 6920        Ndisuio - ok
15:44:34.0457 6920        NdisWan        (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:44:34.0519 6920        NdisWan - ok
15:44:34.0566 6920        NDProxy        (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:44:34.0597 6920        NDProxy - ok
15:44:34.0800 6920        Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
15:44:34.0815 6920        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:44:34.0815 6920        Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:44:34.0971 6920        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:44:35.0003 6920        NetBIOS - ok
15:44:35.0486 6920        NetBT          (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:44:35.0533 6920        NetBT - ok
15:44:35.0611 6920        Netlogon        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:44:35.0611 6920        Netlogon - ok
15:44:35.0861 6920        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:44:35.0907 6920        Netman - ok
15:44:36.0095 6920        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:44:36.0173 6920        netprofm - ok
15:44:36.0360 6920        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:44:36.0375 6920        NetTcpPortSharing - ok
15:44:36.0453 6920        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
15:44:36.0469 6920        nfrd960 - ok
15:44:36.0703 6920        NlaSvc          (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
15:44:36.0750 6920        NlaSvc - ok
15:44:41.0445 6920        NOBU            (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
15:44:41.0492 6920        NOBU - ok
15:44:44.0456 6920        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:44:44.0503 6920        Npfs - ok
15:44:44.0612 6920        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:44:44.0675 6920        nsi - ok
15:44:44.0753 6920        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:44:44.0799 6920        nsiproxy - ok
15:44:49.0074 6920        Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
15:44:49.0121 6920        Ntfs - ok
15:44:51.0664 6920        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:44:51.0742 6920        Null - ok
15:44:51.0960 6920        nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
15:44:51.0991 6920        nvraid - ok
15:44:52.0288 6920        nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
15:44:52.0303 6920        nvstor - ok
15:44:52.0490 6920        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:44:52.0506 6920        nv_agp - ok
15:44:52.0662 6920        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:44:52.0678 6920        ohci1394 - ok
15:44:52.0927 6920        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:44:52.0943 6920        ose - ok
15:45:00.0322 6920        osppsvc        (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:45:00.0400 6920        osppsvc - ok
15:45:01.0897 6920        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:45:01.0944 6920        p2pimsvc - ok
15:45:02.0599 6920        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:45:02.0630 6920        p2psvc - ok
15:45:03.0020 6920        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
15:45:03.0052 6920        Parport - ok
15:45:03.0332 6920        partmgr        (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
15:45:03.0348 6920        partmgr - ok
15:45:03.0410 6920        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:45:03.0442 6920        PcaSvc - ok
15:45:03.0629 6920        pci            (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
15:45:03.0676 6920        pci - ok
15:45:03.0707 6920        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:45:03.0707 6920        pciide - ok
15:45:03.0988 6920        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
15:45:04.0019 6920        pcmcia - ok
15:45:04.0175 6920        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:45:04.0190 6920        pcw - ok
15:45:04.0799 6920        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:45:04.0861 6920        PEAUTH - ok
15:45:05.0641 6920        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:45:05.0672 6920        PerfHost - ok
15:45:08.0262 6920        pla            (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
15:45:08.0324 6920        pla - ok
15:45:08.0668 6920        PlugPlay        (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
15:45:08.0699 6920        PlugPlay - ok
15:45:09.0385 6920        PMBDeviceInfoProvider (80e85394d8cd7f84340b1c6f4b9d698f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:45:09.0385 6920        PMBDeviceInfoProvider - ok
15:45:09.0494 6920        Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
15:45:09.0494 6920        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:45:09.0494 6920        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:45:09.0572 6920        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:45:09.0619 6920        PNRPAutoReg - ok
15:45:09.0994 6920        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:45:10.0025 6920        PNRPsvc - ok
15:45:10.0212 6920        Point64        (b23f79e41e30ed500586151a9ef27d8f) C:\Windows\system32\DRIVERS\point64.sys
15:45:10.0228 6920        Point64 - ok
15:45:10.0961 6920        PolicyAgent    (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
15:45:11.0054 6920        PolicyAgent - ok
15:45:11.0398 6920        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:45:11.0476 6920        Power - ok
15:45:11.0616 6920        PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:45:11.0663 6920        PptpMiniport - ok
15:45:11.0772 6920        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
15:45:11.0788 6920        Processor - ok
15:45:12.0349 6920        ProfSvc        (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
15:45:12.0396 6920        ProfSvc - ok
15:45:12.0412 6920        ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:45:12.0427 6920        ProtectedStorage - ok
15:45:13.0004 6920        Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:45:13.0067 6920        Psched - ok
15:45:13.0691 6920        PSI_SVC_2      (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:45:13.0706 6920        PSI_SVC_2 - ok
15:45:13.0784 6920        PxHlpa64        (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:45:13.0800 6920        PxHlpa64 - ok
15:45:14.0533 6920        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
15:45:14.0580 6920        ql2300 - ok
15:45:15.0812 6920        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
15:45:15.0844 6920        ql40xx - ok
15:45:16.0109 6920        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:45:16.0140 6920        QWAVE - ok
15:45:16.0234 6920        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:45:16.0249 6920        QWAVEdrv - ok
15:45:16.0312 6920        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:45:16.0374 6920        RasAcd - ok
15:45:16.0514 6920        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:45:16.0561 6920        RasAgileVpn - ok
15:45:16.0702 6920        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:45:16.0748 6920        RasAuto - ok
15:45:17.0123 6920        Rasl2tp        (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:45:17.0185 6920        Rasl2tp - ok
15:45:17.0950 6920        RasMan          (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
15:45:17.0996 6920        RasMan - ok
15:45:18.0137 6920        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:45:18.0184 6920        RasPppoe - ok
15:45:18.0308 6920        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:45:18.0371 6920        RasSstp - ok
15:45:18.0745 6920        rdbss          (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:45:18.0808 6920        rdbss - ok
15:45:18.0854 6920        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
15:45:18.0886 6920        rdpbus - ok
15:45:18.0917 6920        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:45:18.0964 6920        RDPCDD - ok
15:45:18.0995 6920        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:45:19.0042 6920        RDPENCDD - ok
15:45:19.0088 6920        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:45:19.0151 6920        RDPREFMP - ok
15:45:19.0229 6920        RDPWD          (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
15:45:19.0260 6920        RDPWD - ok
15:45:19.0432 6920        rdyboost        (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
15:45:19.0463 6920        rdyboost - ok
15:45:19.0572 6920        regi            (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
15:45:19.0603 6920        regi - ok
15:45:19.0837 6920        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:45:19.0884 6920        RemoteAccess - ok
15:45:20.0399 6920        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:45:20.0446 6920        RemoteRegistry - ok
15:45:20.0602 6920        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:45:20.0633 6920        RFCOMM - ok
15:45:20.0758 6920        rimspci        (fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys
15:45:20.0773 6920        rimspci - ok
15:45:20.0898 6920        risdsnpe        (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys
15:45:20.0929 6920        risdsnpe - ok
15:45:21.0007 6920        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:45:21.0054 6920        RpcEptMapper - ok
15:45:21.0085 6920        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:45:21.0116 6920        RpcLocator - ok
15:45:21.0584 6920        RpcSs          (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:45:21.0631 6920        RpcSs - ok
15:45:21.0772 6920        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:45:21.0834 6920        rspndr - ok
15:45:22.0052 6920        RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
15:45:22.0068 6920        RTHDMIAzAudService - ok
15:45:22.0162 6920        s217bus        (b49951a2c8fd81307707443d01936e37) C:\Windows\system32\DRIVERS\s217bus.sys
15:45:22.0177 6920        s217bus - ok
15:45:22.0333 6920        s217mdfl        (58204ec551d1a94d60cac130440f0feb) C:\Windows\system32\DRIVERS\s217mdfl.sys
15:45:22.0364 6920        s217mdfl - ok
15:45:22.0474 6920        s217mdm        (e2b3de89339a7a807520c6063cd146d3) C:\Windows\system32\DRIVERS\s217mdm.sys
15:45:22.0505 6920        s217mdm - ok
15:45:22.0614 6920        s217nd5        (7bc7d18351b846f4544b54db38fb4208) C:\Windows\system32\DRIVERS\s217nd5.sys
15:45:22.0630 6920        s217nd5 - ok
15:45:22.0864 6920        s217obex        (d498b2082f51858f121d4584a7787cd5) C:\Windows\system32\DRIVERS\s217obex.sys
15:45:22.0879 6920        s217obex - ok
15:45:23.0020 6920        s217unic        (43512d0c3a59eb20fda06ce4265a1549) C:\Windows\system32\DRIVERS\s217unic.sys
15:45:23.0035 6920        s217unic - ok
15:45:23.0129 6920        SamSs          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:45:23.0144 6920        SamSs - ok
15:45:23.0300 6920        sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
15:45:23.0316 6920        sbp2port - ok
15:45:23.0534 6920        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:45:23.0581 6920        SCardSvr - ok
15:45:23.0644 6920        scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:45:23.0690 6920        scfilter - ok
15:45:24.0127 6920        Schedule        (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
15:45:24.0205 6920        Schedule - ok
15:45:24.0486 6920        SCPolicySvc    (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:45:24.0548 6920        SCPolicySvc - ok
15:45:24.0658 6920        sdbus          (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys
15:45:24.0689 6920        sdbus - ok
15:45:24.0829 6920        SDRSVC          (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
15:45:24.0845 6920        SDRSVC - ok
15:45:24.0876 6920        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:45:24.0907 6920        secdrv - ok
15:45:24.0970 6920        seclogon        (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
15:45:25.0016 6920        seclogon - ok
15:45:25.0094 6920        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:45:25.0157 6920        SENS - ok
15:45:25.0172 6920        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:45:25.0188 6920        SensrSvc - ok
15:45:25.0204 6920        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
15:45:25.0219 6920        Serenum - ok
15:45:25.0250 6920        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
15:45:25.0266 6920        Serial - ok
15:45:25.0328 6920        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
15:45:25.0344 6920        sermouse - ok
15:45:25.0406 6920        SessionEnv      (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
15:45:25.0469 6920        SessionEnv - ok
15:45:25.0531 6920        SFEP            (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
15:45:25.0562 6920        SFEP - ok
15:45:25.0609 6920        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:45:25.0625 6920        sffdisk - ok
15:45:25.0687 6920        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:45:25.0703 6920        sffp_mmc - ok
15:45:25.0781 6920        sffp_sd        (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
15:45:25.0796 6920        sffp_sd - ok
15:45:25.0828 6920        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
15:45:25.0859 6920        sfloppy - ok
15:45:26.0015 6920        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:45:26.0077 6920        SharedAccess - ok
15:45:26.0218 6920        ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
15:45:26.0249 6920        ShellHWDetection - ok
15:45:26.0296 6920        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
15:45:26.0311 6920        SiSRaid2 - ok
15:45:26.0342 6920        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:45:26.0358 6920        SiSRaid4 - ok
15:45:26.0436 6920        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:45:26.0483 6920        Smb - ok
15:45:26.0530 6920        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:45:26.0561 6920        SNMPTRAP - ok
15:45:26.0857 6920        SOHCImp        (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:45:26.0873 6920        SOHCImp - ok
15:45:27.0091 6920        SOHDms          (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:45:27.0107 6920        SOHDms - ok
15:45:27.0169 6920        SOHDs          (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:45:27.0185 6920        SOHDs - ok
15:45:27.0388 6920        Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
15:45:27.0403 6920        Sony PC Companion - ok
15:45:27.0637 6920        SpfService      (5449fc97476f52e027409e703791e6a9) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
15:45:27.0653 6920        SpfService - ok
15:45:27.0684 6920        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:45:27.0715 6920        spldr - ok
15:45:28.0121 6920        Spooler        (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
15:45:28.0183 6920        Spooler - ok
15:45:29.0072 6920        sppsvc          (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
15:45:29.0182 6920        sppsvc - ok
15:45:30.0305 6920        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:45:30.0367 6920        sppuinotify - ok
15:45:31.0646 6920        srv            (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
15:45:31.0693 6920        srv - ok
15:45:32.0021 6920        srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
15:45:32.0036 6920        srv2 - ok
15:45:32.0239 6920        srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
15:45:32.0270 6920        srvnet - ok
15:45:32.0754 6920        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:45:32.0816 6920        SSDPSRV - ok
15:45:32.0988 6920        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:45:33.0050 6920        SstpSvc - ok
15:45:33.0144 6920        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:45:33.0160 6920        stexstor - ok
15:45:33.0581 6920        stisvc          (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
15:45:33.0628 6920        stisvc - ok
15:45:33.0690 6920        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:45:33.0706 6920        swenum - ok
15:45:34.0018 6920        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:45:34.0096 6920        swprv - ok
15:45:34.0891 6920        SysMain        (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
15:45:34.0985 6920        SysMain - ok
15:45:35.0578 6920        TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
15:45:35.0609 6920        TabletInputService - ok
15:45:35.0796 6920        TapiSrv        (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
15:45:35.0843 6920        TapiSrv - ok
15:45:35.0983 6920        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:45:36.0046 6920        TBS - ok
15:45:37.0528 6920        Tcpip          (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
15:45:37.0559 6920        Tcpip - ok
15:45:40.0975 6920        TCPIP6          (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
15:45:41.0069 6920        TCPIP6 - ok
15:45:42.0535 6920        tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:45:42.0582 6920        tcpipreg - ok
15:45:42.0676 6920        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:45:42.0707 6920        TDPIPE - ok
15:45:42.0800 6920        TDTCP          (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
15:45:42.0847 6920        TDTCP - ok
15:45:43.0034 6920        tdx            (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:45:43.0081 6920        tdx - ok
15:45:43.0175 6920        TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
15:45:43.0190 6920        TermDD - ok
15:45:44.0345 6920        TermService    (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
15:45:44.0407 6920        TermService - ok
15:45:44.0454 6920        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:45:44.0501 6920        Themes - ok
15:45:44.0594 6920        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:45:44.0641 6920        THREADORDER - ok
15:45:44.0688 6920        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:45:44.0766 6920        TrkWks - ok
15:45:45.0437 6920        truecrypt      (c6a1a2b4e8a7b92c11ca038369bd7dbe) C:\Windows\syswow64\drivers\truecrypt.sys
15:45:45.0468 6920        truecrypt - ok
15:45:45.0889 6920        TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
15:45:45.0920 6920        TrustedInstaller - ok
15:45:46.0076 6920        tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:45:46.0139 6920        tssecsrv - ok
15:45:46.0357 6920        tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:45:46.0404 6920        tunnel - ok
15:45:46.0498 6920        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:45:46.0513 6920        uagp35 - ok
15:45:46.0981 6920        uCamMonitor    (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:45:46.0997 6920        uCamMonitor - ok
15:45:47.0293 6920        udfs            (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
15:45:47.0340 6920        udfs - ok
15:45:47.0418 6920        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:45:47.0449 6920        UI0Detect - ok
15:45:47.0574 6920        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:45:47.0605 6920        uliagpkx - ok
15:45:47.0683 6920        umbus          (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:45:47.0699 6920        umbus - ok
15:45:47.0746 6920        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
15:45:47.0761 6920        UmPass - ok
15:45:49.0633 6920        UNS            (11a559e0f10cc5e788984023df400a6f) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:45:49.0680 6920        UNS - ok
15:45:50.0164 6920        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:45:50.0226 6920        upnphost - ok
15:45:50.0538 6920        usbccgp        (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
15:45:50.0569 6920        usbccgp - ok
15:45:50.0710 6920        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:45:50.0725 6920        usbcir - ok
15:45:50.0788 6920        usbehci        (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
15:45:50.0803 6920        usbehci - ok
15:45:50.0990 6920        usbhub          (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
15:45:51.0022 6920        usbhub - ok
15:45:51.0100 6920        usbohci        (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
15:45:51.0115 6920        usbohci - ok
15:45:51.0193 6920        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:45:51.0209 6920        usbprint - ok
15:45:51.0349 6920        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:45:51.0380 6920        usbscan - ok
15:45:51.0505 6920        USBSTOR        (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:45:51.0536 6920        USBSTOR - ok
15:45:51.0630 6920        usbuhci        (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
15:45:51.0646 6920        usbuhci - ok
15:45:51.0989 6920        usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
15:45:52.0036 6920        usbvideo - ok
15:45:52.0145 6920        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:45:52.0207 6920        UxSms - ok
15:45:52.0566 6920        VAIO Event Service (a60605fc66552b421ee1f3d4ebb9a4e0) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
15:45:52.0582 6920        VAIO Event Service - ok
15:45:53.0003 6920        VAIO Power Management (d469be2723f79cf4b384680b1fdc577d) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
15:45:53.0034 6920        VAIO Power Management - ok
15:45:53.0128 6920        VaultSvc        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:45:53.0143 6920        VaultSvc - ok
15:45:53.0237 6920        VBTUSB          (70a90412f0ae18021794a0754c2d6299) C:\Windows\system32\Drivers\VBTUSB.sys
15:45:53.0237 6920        VBTUSB ( UnsignedFile.Multi.Generic ) - warning
15:45:53.0237 6920        VBTUSB - detected UnsignedFile.Multi.Generic (1)
15:45:53.0814 6920        VCFw            (96efa2698d6b9e2931609a3ea73fc5dc) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
15:45:53.0845 6920        VCFw - ok
15:45:54.0422 6920        VcmIAlzMgr      (7bebf6a5285ffc03c34a7297a4e177cb) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
15:45:54.0454 6920        VcmIAlzMgr - ok
15:45:54.0922 6920        VcmINSMgr      (e005b04dfca99f5880c5111933194ca9) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
15:45:54.0953 6920        VcmINSMgr - ok
15:45:55.0374 6920        VcmXmlIfHelper  (829a32fd1334f72429ca0515760eb7a7) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
15:45:55.0390 6920        VcmXmlIfHelper - ok
15:45:55.0530 6920        VCService      (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
15:45:55.0546 6920        VCService - ok
15:45:56.0060 6920        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:45:56.0092 6920        vdrvroot - ok
15:45:56.0279 6920        vds            (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
15:45:56.0326 6920        vds - ok
15:45:56.0372 6920        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:45:56.0404 6920        vga - ok
15:45:56.0450 6920        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:45:56.0497 6920        VgaSave - ok
15:45:56.0903 6920        vhdmp          (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
15:45:56.0934 6920        vhdmp - ok
15:45:56.0996 6920        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:45:57.0028 6920        viaide - ok
15:45:57.0199 6920        volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
15:45:57.0230 6920        volmgr - ok
15:45:57.0402 6920        volmgrx        (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:45:57.0433 6920        volmgrx - ok
15:45:57.0605 6920        volsnap        (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
15:45:57.0636 6920        volsnap - ok
15:45:57.0808 6920        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
15:45:57.0823 6920        vsmraid - ok
15:45:59.0118 6920        VSNService      (a7eb62c664a03901165290a714bd48d0) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
15:45:59.0134 6920        VSNService ( UnsignedFile.Multi.Generic ) - warning
15:45:59.0134 6920        VSNService - detected UnsignedFile.Multi.Generic (1)
15:46:00.0038 6920        VSS            (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
15:46:00.0132 6920        VSS - ok
15:46:01.0801 6920        VUAgent        (d62d16e057be87f5b84a54d1b83822c4) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
15:46:01.0832 6920        VUAgent - ok
15:46:02.0862 6920        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:46:02.0878 6920        vwifibus - ok
15:46:02.0987 6920        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:46:03.0018 6920        vwififlt - ok
15:46:03.0205 6920        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:46:03.0268 6920        W32Time - ok
15:46:03.0330 6920        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
15:46:03.0346 6920        WacomPen - ok
15:46:03.0439 6920        WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:46:03.0486 6920        WANARP - ok
15:46:03.0486 6920        Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:46:03.0517 6920        Wanarpv6 - ok
15:46:04.0796 6920        wbengine        (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
15:46:04.0859 6920        wbengine - ok
15:46:06.0278 6920        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:46:06.0310 6920        WbioSrvc - ok
15:46:06.0980 6920        wcncsvc        (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
15:46:07.0012 6920        wcncsvc - ok
15:46:07.0121 6920        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:46:07.0152 6920        WcsPlugInService - ok
15:46:07.0277 6920        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
15:46:07.0308 6920        Wd - ok
15:46:08.0135 6920        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:46:08.0166 6920        Wdf01000 - ok
15:46:08.0291 6920        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:46:08.0322 6920        WdiServiceHost - ok
15:46:08.0322 6920        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:46:08.0353 6920        WdiSystemHost - ok
15:46:08.0665 6920        WebClient      (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
15:46:08.0712 6920        WebClient - ok
15:46:08.0946 6920        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:46:08.0993 6920        Wecsvc - ok
15:46:09.0118 6920        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:46:09.0180 6920        wercplsupport - ok
15:46:09.0274 6920        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:46:09.0336 6920        WerSvc - ok
15:46:09.0492 6920        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:46:09.0554 6920        WfpLwf - ok
15:46:09.0617 6920        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:46:09.0632 6920        WIMMount - ok
15:46:09.0742 6920        WinDefend - ok
15:46:09.0757 6920        WinHttpAutoProxySvc - ok
15:46:10.0038 6920        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:46:10.0100 6920        Winmgmt - ok
15:46:12.0082 6920        WinRM          (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
15:46:12.0144 6920        WinRM - ok
15:46:13.0189 6920        WinUsb          (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
15:46:13.0220 6920        WinUsb - ok
15:46:13.0829 6920        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:46:13.0891 6920        Wlansvc - ok
15:46:13.0985 6920        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:46:14.0016 6920        WmiAcpi - ok
15:46:14.0390 6920        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:46:14.0422 6920        wmiApSrv - ok
15:46:14.0500 6920        WMPNetworkSvc - ok
15:46:14.0562 6920        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:46:14.0609 6920        WPCSvc - ok
15:46:14.0796 6920        WPDBusEnum      (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
15:46:14.0827 6920        WPDBusEnum - ok
15:46:14.0858 6920        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:46:14.0905 6920        ws2ifsl - ok
15:46:14.0999 6920        wscsvc          (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
15:46:15.0046 6920        wscsvc - ok
15:46:15.0046 6920        WSearch - ok
15:46:17.0900 6920        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:46:18.0041 6920        wuauserv - ok
15:46:19.0195 6920        WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:46:19.0258 6920        WudfPf - ok
15:46:19.0382 6920        WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:46:19.0429 6920        WUDFRd - ok
15:46:19.0523 6920        wudfsvc        (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
15:46:19.0601 6920        wudfsvc - ok
15:46:19.0897 6920        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:46:19.0928 6920        WwanSvc - ok
15:46:20.0459 6920        yukonw7        (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys
15:46:20.0490 6920        yukonw7 - ok
15:46:20.0521 6920        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:46:22.0190 6920        \Device\Harddisk0\DR0 - ok
15:46:22.0237 6920        Boot (0x1200)  (afb50ac67b2958360cae28bac7bd7f1b) \Device\Harddisk0\DR0\Partition0
15:46:22.0237 6920        \Device\Harddisk0\DR0\Partition0 - ok
15:46:22.0253 6920        Boot (0x1200)  (8a6dc18ba0564a73262625f882328fae) \Device\Harddisk0\DR0\Partition1
15:46:22.0268 6920        \Device\Harddisk0\DR0\Partition1 - ok
15:46:22.0268 6920        ============================================================
15:46:22.0268 6920        Scan finished
15:46:22.0268 6920        ============================================================
15:46:22.0284 6908        Detected object count: 11
15:46:22.0284 6908        Actual detected object count: 11
16:21:49.0488 6908        hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908        hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908        hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908        hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908        HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908        HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908        igfx ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908        igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908        IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908        IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908        Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908        Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0504 6908        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0504 6908        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0504 6908        VBTUSB ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0504 6908        VBTUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0504 6908        VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0504 6908        VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:52.0483 5788        Deinitialize success


cosinus 29.06.2012 23:05

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

Martin_H 30.06.2012 13:08

Code:

ComboFix 12-06-28.03 - Frederik 30.06.2012  13:45:20.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.49.1031.18.3950.1628 [GMT 2:00]
ausgeführt von:: c:\users\Frederik\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Windows Searchqu Toolbar
c:\users\Frederik\Documents\~WRL1058.tmp
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-05-28 bis 2012-06-30  ))))))))))))))))))))))))))))))
.
.
2012-06-30 11:57 . 2012-06-30 11:57        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-06-30 11:57 . 2012-06-30 11:57        --------        d-----w-        c:\users\Elfir\AppData\Local\temp
2012-06-29 13:50 . 2012-05-31 04:04        9013136        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{6857072D-66E3-4FDC-B4C0-4C7C0F8E170B}\mpengine.dll
2012-06-27 12:25 . 2012-06-02 22:19        57880        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-27 12:25 . 2012-06-02 22:19        44056        ----a-w-        c:\windows\system32\wups2.dll
2012-06-27 12:25 . 2012-06-02 22:19        2428952        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-27 12:25 . 2012-06-02 22:15        2622464        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-27 12:25 . 2012-06-02 22:19        38424        ----a-w-        c:\windows\system32\wups.dll
2012-06-27 12:25 . 2012-06-02 22:19        701976        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-27 12:25 . 2012-06-02 22:15        99840        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-27 12:24 . 2012-06-02 13:19        186752        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-27 12:24 . 2012-06-02 13:15        36864        ----a-w-        c:\windows\system32\wuapp.exe
2012-06-25 18:00 . 2012-06-25 18:00        --------        d-----w-        c:\program files (x86)\ESET
2012-06-25 17:57 . 2012-06-25 17:57        --------        d-----w-        c:\users\Frederik\AppData\Local\Macromedia
2012-06-25 16:01 . 2012-04-26 05:34        76288        ----a-w-        c:\windows\system32\rdpwsx.dll
2012-06-25 16:01 . 2012-04-26 05:34        149504        ----a-w-        c:\windows\system32\rdpcorekmts.dll
2012-06-25 16:01 . 2012-04-26 05:28        9216        ----a-w-        c:\windows\system32\rdrmemptylst.exe
2012-06-25 16:01 . 2012-05-02 05:32        208896        ----a-w-        c:\windows\system32\profsvc.dll
2012-06-25 15:59 . 2012-05-04 10:52        5505392        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-06-25 15:59 . 2012-05-04 10:08        3958128        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2012-06-25 15:59 . 2012-05-04 10:08        3902320        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2012-06-25 15:59 . 2012-05-15 01:32        3144192        ----a-w-        c:\windows\system32\win32k.sys
2012-06-25 15:58 . 2012-04-28 03:50        204800        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-06-25 15:58 . 2012-04-07 12:18        3213824        ----a-w-        c:\windows\system32\msi.dll
2012-06-25 15:58 . 2012-04-07 11:34        2342400        ----a-w-        c:\windows\SysWow64\msi.dll
2012-06-25 15:58 . 2012-04-24 05:59        1460224        ----a-w-        c:\windows\system32\crypt32.dll
2012-06-25 15:58 . 2012-04-24 04:47        1156608        ----a-w-        c:\windows\SysWow64\crypt32.dll
2012-06-25 15:58 . 2012-04-24 05:59        182272        ----a-w-        c:\windows\system32\cryptsvc.dll
2012-06-25 15:58 . 2012-04-24 05:59        140288        ----a-w-        c:\windows\system32\cryptnet.dll
2012-06-25 15:58 . 2012-04-24 04:47        139264        ----a-w-        c:\windows\SysWow64\cryptsvc.dll
2012-06-25 15:58 . 2012-04-24 04:47        103936        ----a-w-        c:\windows\SysWow64\cryptnet.dll
2012-06-25 15:45 . 2012-06-25 15:45        --------        d-----w-        c:\users\Frederik\AppData\Roaming\Malwarebytes
2012-06-25 15:45 . 2012-06-25 15:45        --------        d-----w-        c:\programdata\Malwarebytes
2012-06-25 15:45 . 2012-06-25 15:45        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-25 15:45 . 2012-04-04 13:56        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-06-25 00:50 . 2012-06-25 16:18        --------        d-----w-        C:\_OTL
2012-06-03 14:33 . 2012-06-11 20:05        --------        d-----w-        c:\users\Frederik\AppData\Roaming\.minecraft
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-25 16:22 . 2012-03-30 10:24        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-25 16:22 . 2011-05-30 10:36        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-08 11:56 . 2011-10-15 07:36        98848        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-05-08 11:56 . 2011-10-15 07:36        132832        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-05-06 18:14 . 2012-05-06 18:14        2895373        ----a-w-        c:\users\Frederik\AppData\Roaming\Microsoft\Windows\Templates\SetupDJ3.exe
2012-04-18 18:56 . 2012-04-18 18:56        94208        ----a-w-        c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56        69632        ----a-w-        c:\windows\SysWow64\QuickTime.qts
2011-06-19 09:40 . 2011-06-19 09:40        1660147        ----a-w-        c:\program files (x86)\WinRAR.exe
2011-04-12 13:50 . 2011-04-12 13:49        12420392        ----a-w-        c:\program files (x86)\Firefox.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        94208        ----a-w-        c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        94208        ----a-w-        c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        94208        ----a-w-        c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        94208        ----a-w-        c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2012-04-12 445624]
"Spotify Web Helper"="c:\users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-27 932528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Frederik\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Megatech-Software-Protection;Megatech-Software-Protection;c:\megatech\MProtect\MPSERV.EXE [2007-12-12 36864]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 250056]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-23 342056]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-23 39464]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-01-06 51584]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-09-24 13352]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-24 271872]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-06 129976]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-01-07 45408]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 VBTUSB;VBTUSB.Sys VAIO Bluetooth Driver over USB device;c:\windows\system32\Drivers\VBTUSB.sys [2010-06-17 14848]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 6077757b;6077757b;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-08 202752]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2010-06-23 94208]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-06-23 78848]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-08 6661120]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-08 195584]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-05-28 56344]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-05-28 158976]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-04-26 12032]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2010-05-31 402720]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 45505357
*Deregistered* - 45505357
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 16:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17        97792        ----a-w-        c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17        97792        ----a-w-        c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17        97792        ----a-w-        c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17        97792        ----a-w-        c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 2306448]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-01-07 2328944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page =
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Frederik\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.18.0.5 212.18.3.5
FF - ProfilePath - c:\users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Facebook Update - c:\users\Frederik\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-CraftBukkit - c:\users\Frederik\Desktop\1.2.4 Minecraft-Server\Uninstall.exe
AddRemove-loadtbs-2.1 - c:\users\Frederik\AppData\Roaming\loadtbs\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-06-30  14:02:53
ComboFix-quarantined-files.txt  2012-06-30 12:02
.
Vor Suchlauf: 19 Verzeichnis(se), 321.507.086.336 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 321.416.089.600 Bytes frei
.
- - End Of File - - 3D4F8E13EB2D59DF70B2A25A1F3DA749


cosinus 01.07.2012 15:49

Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only OSAM - please skip the online query in OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or similar.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; McAfee's scanner in particular often reports a false alarm on OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until "Scan finished successfully" appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons unless instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) under "AV scan" in the drop-down menu (at the bottom left of the aswMBR window), and click the Scan button again.

Martin_H 03.07.2012 20:42

Here is the GMER log:

Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-03 21:14:35
Windows 6.1.7600 
Running: edk59oct.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076a27abb                                     
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38e4d1c5                                     
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38e4d1c5@2021a57f526a                          0x58 0xFD 0x39 0xD9 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbe77cb4                                     
Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export                                                ?????g??????os??t????????????????????????????????s??m3??Avira mini-filter driver????????????????s???v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=fdrespub|Name=@FirewallAPI.dll,-32809|Desc=@FirewallAPI.dll,-32810|EmbedCtxt=@FirewallAPI.dll,-32752|????v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe|Name=McAfee Shared Service Host|?????? ??????s???????????????????-??????????????????01???????????????????????????????6???????????????????????????????????????????????????????????t??????????v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-32817|Desc=@FirewallAPI.dll,-32818|EmbedCtxt=@FirewallAPI.dll,-32752|???????????????z???z???????????s??t????????x???$???????m??????????????????e1??????????????????????sp????.??????z?????e??????????????????????V
Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export                                          ???z??????:????????g80???????x??????????Microsoft????????????????????????????????????????{????????????|?????????????????????6-21-2006??????????????????'?????????????????????????????????????????????u?????????r??????N??????????????????????A??????sP??????????????????????????????te??????????????t?????4??z?????????e??????H??z???s???????????)???????)??Microsoft???????????????????????????????*6to4mp??????????<??v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=143:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-25076|Desc=@FirewallAPI.dll,-25081|EmbedCtxt=@FirewallAPI.dll,-25000|???????6??z???:??????am?????????????????s?????????????"??Tc????v??????C??????? ??????????????????????????????4332?????z??????????????v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|Profile=Public|ICMP6=128:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-28546|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|??API.dll,-28502|?????????????????????????????e???Virtual WiFi Bus Driver?rivers\vwifibus.sys,-257?????????????e??6.???|?????
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076a27abb (not active ControlSet)                 
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38e4d1c5 (not active ControlSet)                 
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38e4d1c5@2021a57f526a                              0x58 0xFD 0x39 0xD9 ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbe77cb4 (not active ControlSet)                 
Reg  HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export                                                    ???n?p???????????????????????????????????0?????s????? 0????????????z?????????d??????s???????????Volume???????????o??BanzaiU??????????h???????????????d??????????? V??m???????????????????????????????????????k????????????V??????????????????????????????l?z??????N??l?????????D?????????????????????n???????????????????????????????????????l?l???????k?&???????k???????????????l????????????:??l??????????machine.inf?????8&20955f15&0?????????k???????????????l???2???????l?l????? ???????k???????????k????????????????????????s?????SLP\HPSLPDEVICE?????? ???????k???????????????????????????????f??? ???????k?????l???????0??L????????? ??????????????l???l???l????????? ???????l?????l???????0????????????&???????????????????????? ???????l?????l???????0?????????????????????l?l????? ???????l???????????i?0?????????????????????????j???????e?????l????? ???????l?????l???????0???????????????????????l???l????? ???????l???????????j?0????????????????????root\rdp_mou???????????????????????????????l????? ???????l?????l???????0????????????&??????
Reg  HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export                                              ???p?????????s??ep???t?t?t?????????????????????????????????????????????e?????????????????????p??????????????? ???????n???????????o??????????x?X??????????????????????????????????p???o??to????????????????????s??????????????????????????????????????????????????????p???%???????????????p???%??????????kbd101a.dll?dl???????p???6?????????????hpa??PCAT_101KEY????????????????????e????Standbild???? ???????n???????????n??????????R?Y??????????????????7???????????e???????????0???????????e???p?p?p?p?p?p?p?pem??????????????????11?er????????f???????????????h????8???????????h??????????????B??????????????0???1?????????????X??????s???????????????????????????{?{?{??????? ???????n???????????o??????????2?Z????G?????????????s??ep????8??q????????h?????????????7&16e97060&1? ??????????????t???????????????!???????????????t???????????????????????????????????????????????????????????????? ???????n???????????o??????????V?[?????????System32\Drivers\ksecpkg.sys?????????p???0??????Video Save??????????????????????????t????????t??\SystemRoot\sys

---- Files - GMER 1.0.15 ----

File  C:\Users\Frederik\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.079_NetStorage.exe  (size mismatch) 688128/0 bytes executable

---- EOF - GMER 1.0.15 ----

The OSAM log:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 21:27:22 on 03.07.2012

OS: Windows 7 Home Premium Edition (Build 7600), 64-bit
Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"igfxcpl.cpl" - "Intel Corporation" - C:\Windows\system32\igfxcpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLCFG32.CPL
"QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"6077757b" (6077757b) - "InterVideo" - C:\Windows\system32\drivers\regi.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"igfx" (igfx) - "Intel Corporation" - C:\Windows\System32\DRIVERS\igdkmd64.sys
"Intel(R) Display Audio" (IntcDAud) - "Intel(R) Corporation" - C:\Windows\System32\DRIVERS\IntcDAud.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"PxHlpa64" (PxHlpa64) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHlpa64.sys
"regi" (regi) - "InterVideo" - C:\Windows\system32\drivers\regi.sys
"truecrypt" (truecrypt) - "TrueCrypt Foundation" - C:\Windows\SysWOW64\drivers\truecrypt.sys
"VBTUSB.Sys VAIO Bluetooth Driver over USB device" (VBTUSB) - "Sony Corporation" - C:\Windows\System32\Drivers\VBTUSB.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files (x86)\7-Zip\7-zip.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? -  (File not found | COM-object registry key not found)
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
{0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLSHEXT.DLL
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} "{67DABFBF-D0AB-41FA-9C46-CC0F21721616}" - ? -  (File not found | COM-object registry key not found) / hxxp://download.divx.com/player/DivXBrowserPlugin.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} "Add to Evernote" - "Evernote Corporation" - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\Frederik\AppData\Roaming\Dropbox\bin\Dropbox.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe  (Shortcut exists | File exists)
"Bluetooth.lnk" - ? - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File not found)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Sony PC Companion" - "Sony" - "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"Spotify Web Helper" - ? - "C:\Users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"  (File found, but it contains no detailed information)
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"HP Software Update" - "Hewlett-Packard" - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
"IAStorIcon" - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"ISBMgr.exe" - ? - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Norton Online Backup" - "Symantec Corporation" - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
"PMBVolumeWatcher" - "Sony Corporation" - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
"QuickTime Task" - "Apple Inc." - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"Adobe Active File Monitor V8" (AdobeActiveFileMonitor8.0) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
"CamMonitor" (uCamMonitor) - "ArcSoft, Inc." - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Acresso Software Inc." - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
"Intel(R) Management & Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
"Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
"IviRegMgr" (IviRegMgr) - "InterVideo" - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"Megatech-Software-Protection" (Megatech-Software-Protection) - ? - C:\Megatech\MProtect\MPSERV.EXE  (File found, but it contains no detailed information)
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"Norton Online Backup" (NOBU) - "Symantec Corporation" - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"PMBDeviceInfoProvider" (PMBDeviceInfoProvider) - "Sony Corporation" - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
"Sony PC Companion" (Sony PC Companion) - "Avanquest Software" - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
"VAIO Care Performance Service" (SampleCollector) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
"VAIO Content Folder Watcher" (VCFw) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
"VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
"VAIO Content Metadata Intelligent Network Service Manager" (VcmINSMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
"VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
"VAIO Entertainment Common Service" (SpfService) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
"VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
"VAIO Media plus Content Importer" (SOHCImp) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
"VAIO Media plus Device Searcher" (SOHDs) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
"VAIO Media plus Digital Media Server" (SOHDms) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
"VAIO Power Management" (VAIO Power Management) - "Sony Corporation" - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
"VCService" (VCService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCService.exe
"VSNService" (VSNService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
"VUAgent" (VUAgent) - "Sony Corporation" - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

and here is the one from aswMBR

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-03 21:35:44
-----------------------------
21:35:44.939    OS Version: Windows x64 6.1.7600
21:35:44.939    Number of processors: 4 586 0x2505
21:35:44.939    ComputerName: FREDERIK-VAIO  UserName: Frederik
21:35:46.780    Initialize success
21:35:50.758    AVAST engine defs: 12070300
21:35:57.934    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:35:57.950    Disk 0 Vendor: SAMSUNG_ 2AC1 Size: 476940MB BusType: 3
21:35:57.981    Disk 0 MBR read successfully
21:35:57.981    Disk 0 MBR scan
21:35:57.981    Disk 0 Windows 7 default MBR code
21:35:57.996    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        13756 MB offset 2048
21:35:58.012    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 28174336
21:35:58.028    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      463082 MB offset 28379136
21:35:58.074    Disk 0 scanning C:\Windows\system32\drivers
21:36:09.821    Service scanning
21:36:35.499    Modules scanning
21:36:35.499    Disk 0 trace - called modules:
21:36:35.546    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
21:36:35.546    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800638e060]
21:36:35.561    3 CLASSPNP.SYS[fffff88001b1043f] -> nt!IofCallDriver -> [0xfffffa8003571b20]
21:36:35.561    5 ACPI.sys[fffff88000f8f781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800434d050]
21:36:35.577    Scan finished successfully
21:38:28.022    Disk 0 MBR has been saved successfully to "C:\Users\Frederik\Desktop\MBR.dat"
21:38:28.022    The log file has been saved successfully to "C:\Users\Frederik\Desktop\aswMBR.txt"


cosinus 04.07.2012 16:32

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

