| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschicktWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.10.2014, 16:17
| #1 |
| |  Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt Hallo zusammen, ich erhielt heute von mehreren Freunden den Hinweis, dass sie eine Email erhalten haben, die scheinbar von meinem Yahoo Emailaccount kam. Allerdings nicht mit meiner Endung .de sondern mit .com. Die Email erhält ausschließlich einen Link, sonst nichts. Verschiedene Kontakte haben unterschiedliche Links erhalten. Im Verteiler der Email stehen jeweils mehrere Adressaten. Dies sind teilweise Kontakte von mir, teilweise aber auch Emailadressen, mit denen ich mal Emailkontakt hatte. Das ganze trat schon einmal im Juni dieses Jahres auf, woraufhin ich vermutete, dass mein Account bei Yahoo gehackt wurde. Ich änderte damals mein dortiges Passwort und danach war Ruhe. Da das Problem heute wieder auftrat, befürchte ich, dass ich doch Malware oder sonstige Plagegeister auf meinem Rechner habe. Als Schutzprogramm habe ich McAfee Internetsecurity installiert. Könnt Ihr helfen? Hier einige Logfiles: Defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:35 on 21/10/2014 (Chris)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Chris (administrator) on CHRIS-VAIO on 21-10-2014 16:38:47
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris & UpdatusUser (Available profiles: Chris & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Users\Chris\AppData\LocalLow\Flagfox\IE\FlagfoxUpdater.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcupdmgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulAlert.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcinfo.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-03-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-21] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [316784 2010-01-15] (Sony Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [538472 2009-06-17] (Symantec Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2010-01-21] (Sony Corporation)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3461466893-888975716-1916642457-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-17] (Google Inc.)
HKU\S-1-5-21-3461466893-888975716-1916642457-1001\...\MountPoints2: {faa2d1b3-e211-11e2-803a-f07bcbdfce16} - D:\Setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVED&bmod=EU01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {FD42AB9D-6DC3-4D09-B759-0BC1BCAED841} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE649&p={SearchTerms}
SearchScopes: HKCU - {0166E18D-59B5-46E5-BC35-98170E9AFF8B} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {0173D216-15FE-4C55-8059-3FD5417D5B7C} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {25AC93C8-8AFB-41C2-AE29-951815BFEAA9} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {37838F35-F33B-43FF-966B-6C2F81F29222} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {40FCEB9A-88A3-429D-8D6F-9561273B211F} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}&rlz=1I7SVED_deDE398
SearchScopes: HKCU - {BC2A6D13-9B47-4F6E-A7F1-216142CAD8B2} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {E7DD11D1-255F-4AE5-9338-4EAABADBCC7C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
SearchScopes: HKCU - {F1CDE91D-3B6C-44B4-BAF8-9719505573B7} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=121978d7000000000000002314b77990&r=934
SearchScopes: HKCU - {FD42AB9D-6DC3-4D09-B759-0BC1BCAED841} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE649&p={SearchTerms}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Flagfox -> {A02B5E09-122E-4A2D-B996-D997485B8C9E} -> C:\Users\Chris\AppData\LocalLow\Flagfox\IE\Flagfox.dll (Dave G)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Chris\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF user.js: detected! => C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\Extensions\2020Player_IKEA@2020Technologies.com [2012-04-15]
FF Extension: softonic.com - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\Extensions\ffxtlbra@softonic.com [2013-12-23]
FF Extension: Flagfox - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\Extensions\info@flagfox.net [2012-03-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-11-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-13]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=121978d7000000000000002314b77990
CHR StartupUrls: Default -> "https://www.facebook.com/?ref=logo"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (SiteAdvisor) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2011-02-08]
CHR Extension: (Flagfox) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ildldcbkkbkhnjghnbidklpepakbepnd [2012-03-15]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm [2012-03-14]
CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-16]
CHR HKLM-x32\...\Chrome\Extension: [ildldcbkkbkhnjghnbidklpepakbepnd] - C:\Users\Chris\AppData\LocalLow\Flagfox\CHROME\Flagfox.crx [2012-02-28]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 FlagfoxUpdater; C:\Users\Chris\AppData\LocalLow\Flagfox\IE\FlagfoxUpdater.exe [18432 2012-02-28] () [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-11-25] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-11-25] (Sonic Solutions)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2010-04-08] (Sony Corporation) [File not signed]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [852336 2010-03-18] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 AF9035BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [514144 2009-10-02] (ITETech )
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-18] ()
S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2010-09-21] (EnTech Taiwan)
S3 TVICHW32; C:\Windows\SysWOW64\DRIVERS\TVICHW32.SYS [29536 2010-09-21] (EnTech Taiwan)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-21 16:38 - 2014-10-21 16:39 - 00029926 _____ () C:\Users\Chris\Desktop\FRST.txt
2014-10-21 16:38 - 2014-10-21 16:38 - 00000000 ____D () C:\FRST
2014-10-21 16:37 - 2014-10-21 16:37 - 02110976 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe
2014-10-21 16:35 - 2014-10-21 16:35 - 00000472 _____ () C:\Users\Chris\Desktop\defogger_disable.log
2014-10-21 16:35 - 2014-10-21 16:35 - 00000000 _____ () C:\Users\Chris\defogger_reenable
2014-10-21 16:34 - 2014-10-21 16:34 - 00050477 _____ () C:\Users\Chris\Downloads\Defogger.exe
2014-10-21 16:34 - 2014-10-21 16:34 - 00050477 _____ () C:\Users\Chris\Desktop\Defogger.exe
2014-10-21 14:53 - 2014-10-21 15:33 - 00024618 _____ () C:\Users\Chris\Documents\Lasagne Rezept.odt
2014-10-21 14:53 - 2014-10-21 15:33 - 00000119 ____H () C:\Users\Chris\Documents\.~lock.Lasagne Rezept.odt#
2014-10-21 14:25 - 2014-10-21 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-10-16 19:37 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 19:37 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-16 19:37 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-16 19:37 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-16 19:37 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-16 19:37 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-16 19:37 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-16 19:37 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-16 19:37 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-16 19:37 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-16 19:37 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 19:37 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 19:37 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 19:37 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 19:37 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 19:37 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 19:36 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 19:36 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 19:36 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 19:36 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 19:36 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 19:36 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 19:36 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 19:36 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 19:36 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 19:36 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 19:36 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 19:36 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 19:36 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 19:36 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 19:36 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 19:36 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 19:36 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 19:36 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 19:36 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 19:36 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 19:36 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 19:36 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 19:36 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 19:36 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 19:36 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 19:36 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 19:36 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 19:36 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 19:36 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 19:36 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 19:36 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 19:36 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 19:36 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 19:36 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 19:36 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 19:36 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 19:36 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 19:36 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 19:36 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 19:36 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 19:36 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 19:36 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 19:36 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 19:36 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 19:36 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 19:36 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 19:36 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 19:36 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 19:36 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 19:36 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 19:36 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 19:36 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 19:36 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 19:36 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 19:36 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 19:36 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 19:36 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 19:36 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 19:36 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 19:33 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 19:33 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 19:32 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 19:32 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 19:32 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 19:32 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 19:32 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 19:32 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 19:32 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 19:32 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 19:32 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 19:32 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 19:32 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 19:32 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 19:32 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 19:32 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 19:32 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 19:32 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 19:32 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 11:03 - 2014-10-15 11:03 - 00000418 _____ () C:\Users\Chris\Downloads\GDA-ORGAcheck 15-10-2014 (1).gda
2014-10-15 11:02 - 2014-10-15 11:02 - 00000418 _____ () C:\Users\Chris\Downloads\GDA-ORGAcheck 15-10-2014.gda
2014-10-01 14:48 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 14:48 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 08:10 - 2014-09-30 08:10 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-09-29 08:02 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-29 08:02 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-22 21:44 - 2014-09-22 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-22 21:43 - 2014-09-22 21:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-22 21:43 - 2014-09-22 21:44 - 00000000 ____D () C:\Program Files\iTunes
2014-09-22 21:43 - 2014-09-22 21:44 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-22 21:43 - 2014-09-22 21:43 - 00000000 ____D () C:\Program Files\iPod
2014-09-22 09:51 - 2014-09-22 09:52 - 00000000 ____D () C:\Users\Chris\Documents\2014-09-22 Datensicherung Fotos iPhone
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-21 16:37 - 2010-06-17 07:32 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-21 16:35 - 2010-09-20 20:57 - 00000000 ____D () C:\Users\Chris
2014-10-21 16:27 - 2013-02-28 20:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-21 15:10 - 2013-07-21 03:05 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3461466893-888975716-1916642457-1001UA.job
2014-10-21 14:28 - 2010-06-17 07:24 - 01133326 _____ () C:\Windows\WindowsUpdate.log
2014-10-21 14:28 - 2009-07-14 06:45 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-21 14:28 - 2009-07-14 06:45 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-21 14:23 - 2010-09-20 21:06 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2939C52E-8CED-4836-BCA9-A203DC71A142}
2014-10-21 14:21 - 2010-06-17 07:32 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 14:20 - 2014-03-02 18:08 - 00011503 _____ () C:\Windows\setupact.log
2014-10-21 14:20 - 2010-03-26 00:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-21 14:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-17 20:48 - 2009-07-14 06:45 - 00315136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 20:45 - 2014-05-06 22:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-17 20:44 - 2014-03-02 18:08 - 00021108 _____ () C:\Windows\PFRO.log
2014-10-16 21:43 - 2013-08-15 22:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 21:37 - 2010-09-20 21:48 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-08 16:31 - 2010-06-17 17:19 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-10-08 16:31 - 2010-06-17 17:19 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-10-08 16:31 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-07 20:57 - 2011-10-06 23:48 - 00000000 ____D () C:\Users\Chris\Documents\Bewerbung
2014-10-02 14:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-01 14:39 - 2010-09-20 21:21 - 00000000 ____D () C:\Update
2014-09-30 08:17 - 2010-06-17 07:34 - 00000000 ____D () C:\Program Files\Sony
2014-09-30 08:11 - 2011-04-13 23:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-09-30 08:11 - 2010-03-26 01:44 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-09-30 08:10 - 2010-03-26 00:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-30 08:01 - 2014-01-29 15:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-30 07:57 - 2013-02-28 20:27 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-29 08:27 - 2013-01-04 12:20 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 08:27 - 2011-12-20 09:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 14:26 - 2011-11-07 20:57 - 00000000 ____D () C:\Program Files\Common Files\McAfee
Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Chris\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-16 21:11
==================== End Of Log ============================
Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2014
Ran by Chris at 2014-10-21 16:40:02
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AIDA Bildschirmschoner (HKLM-x32\...\AIDA Bildschirmschoner_is1) (Version: 1.0 - AIDA Cruises)
AIDAblu Fotoservice 2.9.2 (HKLM-x32\...\aida_blu_is1) (Version: - 1STEIN Corp.)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.278 - ArcSoft)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
Becker Content Manager 5.21.1092 (HKLM-x32\...\Becker Content Manager) (Version: 5.21.1092.0 - HARMAN)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J265W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Cinergy T Stick MKII V9.06.3.01 (HKLM-x32\...\Cinergy T Stick MKII) (Version: 9.06.3.01 - )
Click to Disc MergeModules x64 (Version: 1.0.14230 - Sony Corporation) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.538 - Corel Inc.)
Einstellungen für VAIO-Inhaltsüberwachung (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.5.0.13220 - Sony Corporation)
ElsterFormular (HKLM-x32\...\ElsterFormular 12.4.0.7094p) (Version: 15.0.13345 - Landesfinanzdirektion Thüringen)
Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.2.1525 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free Video Flip and Rotate version 2.1.9.822 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
Free Video to iPhone Converter version 5.0.32.1219 (HKLM-x32\...\Free Video to iPhone Converter_is1) (Version: 5.0.32.1219 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.4.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java(TM) 6 Update 18 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
McAfee Online Backup (Version: 1.16.4.0 - McAfee, Inc.) Hidden
McAfee Online Backup (x32 Version: - McAfee, Inc.) Hidden
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)
Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.2.0.15040 - Sony Corporation)
Media Gallery (x32 Version: 1.2.0.15040 - Sony Corporation) Hidden
Media Gallery MergeModules x64 (Version: 1.0.14250 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSI_SPF_x64 (Version: 1.0.0 - Sony Corporation) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicStation (HKLM-x32\...\{AB259D46-F851-41B0-9AFA-AED8998AD68A}) (Version: 2.0.4.1199 - Omnifone)
Need for Speed™ SHIFT Demo (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E5}) (Version: 1.0.0.0 - Electronic Arts)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
OpenOffice.org 3.2 (HKLM-x32\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.0 - Frank Heindörfer, Philip Chinery)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.1.02.03310 - Sony Corporation)
PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.2.00.15250 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.2.00.15250 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.2.00.16060 - Sony Corporation)
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.2.00.16060 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.2.00.15250 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.2.00.15250 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.2.00.15250 - Sony Corporation)
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.2.00.15250 - Sony Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.0.15090 - Sony Corporation)
Remote Play with PlayStation 3 (x32 Version: 1.0.0.15090 - Sony Corporation) Hidden
Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.0.15190 - Sony Corporation)
Roxio Central Audio (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Copy (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Core (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Data (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Tools (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio Easy Media Creator Home (x32 Version: 10.3.263 - Roxio) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.2.0.14250 - Sony Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sony Home Network Library (HKLM-x32\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 2.1.0.14240 - Sony Corporation)
Sony Home Network Library (x32 Version: 2.1.0.14240 - Sony Corporation) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10722 - TeamViewer GmbH)
TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.11.5 - )
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Content Monitoring Settings (x32 Version: 2.5.0.13220 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.2.0.15020 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.3.0.13150 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.3.0.13150 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.1.00.15050 - Sony Corporation)
VAIO Energie Verwaltung (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.1.0.13200 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.7.0.16080 - Sony Corporation)
VAIO Entertainment Platform (x32 Version: 3.7.0.16080 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.2.0.15020 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.1.09131 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.0.0.04160 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 3.9.1 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.15040 - Sony Corporation)
VAIO Media plus (x32 Version: 2.1.0.15040 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Movie Story MergeModules x64 (Version: 1.0.14240 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.2.00.15250 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.1.00.14040 - Sony Corporation) Hidden
VAIO Original Function Settings (x32 Version: 2.1.0.13120 - Sony Corporation) Hidden
VAIO Original Funktion Einstellungen (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 2.1.0.13120 - Sony Corporation)
VAIO Premium Partners (HKLM-x32\...\VAIO Premium Partners) (Version: 1.0 - Sony Europe)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.1.0.14090 - Sony Corporation)
VAIO Window Organizer (HKLM-x32\...\{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}) (Version: 2.1.0.13200 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.2.06030 - Sony Corporation)
VMp MergeModule x64 (Version: 1.0.0 - Default Company Name) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.3950 - Broadcom Corporation)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
15-09-2014 20:16:51 Windows Update
22-09-2014 09:39:06 Windows-Sicherung
29-09-2014 07:00:46 Windows Update
30-09-2014 06:08:51 Entfernt VAIO Update
30-09-2014 06:10:23 Installiert VAIO Update
01-10-2014 12:57:48 Windows Update
16-10-2014 19:19:21 Geplanter Prüfpunkt
16-10-2014 19:37:08 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0E654A5A-823A-4546-BDDD-419D394E6F41} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-03-01] (Sony Corporation)
Task: {0FB9F9AF-37A4-4FDD-9EFE-A4D617C3CBAB} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {14FE3BA8-577E-4A5C-B984-DFA5801AD757} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {160E50E4-311B-430D-ABDC-D0260BB4E38A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {37F91DD1-28A8-40DF-8075-481823586559} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-19] (Sony Corporation)
Task: {3B861A86-DF81-4C05-8092-114B39311714} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {401E0087-2056-425F-B607-FD48F87BDD24} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-19] (Sony Corporation)
Task: {495B59FA-AC3E-4412-9C37-F4BBB45B474D} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {549623E4-12B3-480D-B8E8-F1154F4166FF} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {5A76D234-DF65-45CD-9F4E-06F550AD83E0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {62A80739-9705-41B4-B292-25AF9F232C8D} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-19] (Sony Corporation)
Task: {64FD8F1D-7EED-44ED-A500-A3979A389463} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3461466893-888975716-1916642457-1001UA => C:\Users\Chris\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-21] (Facebook Inc.)
Task: {668E7379-85B2-4B8C-8C39-CF804B3BAA73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-17] (Google Inc.)
Task: {7304C4BB-995B-4106-A3B6-2C321E91919E} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {858BCA89-E46E-44E4-AD30-234E178514A2} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {873DCD76-5450-4D47-AC1A-2A6C524E6A91} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-03-21] (Sony Corporation)
Task: {8AEB77C7-5CF3-4B04-AED0-824392422D8B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3461466893-888975716-1916642457-1001Core => C:\Users\Chris\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-21] (Facebook Inc.)
Task: {8D9F8937-9F71-46F2-9184-277C88489697} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {8DF5CA00-146F-476F-9246-1EF631AABA47} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-29] (Adobe Systems Incorporated)
Task: {8EBDF0E2-B8C4-46E7-A721-69AAC3235AD5} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9606A00B-6622-4E3A-8761-9D5A4B4953A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-17] (Google Inc.)
Task: {987989BB-FF97-472A-909B-68856FE34E85} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {A233F20E-CA9E-4A73-AB2C-A4DC07406C04} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {A782B225-D577-4E4F-A0A2-B3D0DC52B80F} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {B1E08592-1E1D-4767-8D39-3315372B5DE0} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {CF3D961C-D10A-462E-97FB-B4CEF9BB83F4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {D998E822-EA63-4404-98A2-1647E973F0DA} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-03-01] (Sony Corporation)
Task: {DB1FFEE1-7903-4A45-861A-0E03D2AE94E2} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-10-25] (Sony Corporation)
Task: {ED54D01F-ED60-432F-896C-8628D9BD2189} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {F65C141A-4771-4522-B5D0-0A71A9164228} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-10-25] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3461466893-888975716-1916642457-1001Core.job => C:\Users\Chris\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3461466893-888975716-1916642457-1001UA.job => C:\Users\Chris\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-01-31 19:52 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-02-28 19:11 - 2012-02-28 19:11 - 00018432 _____ () C:\Users\Chris\AppData\LocalLow\Flagfox\IE\FlagfoxUpdater.exe
2011-07-22 18:29 - 2005-04-22 06:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2010-04-13 21:11 - 2010-04-13 21:11 - 00083256 _____ () C:\Program Files (x86)\McAfee Online Backup\librs2.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-06-17 07:50 - 2010-03-02 16:22 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-06-17 07:50 - 2010-03-02 16:22 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2010-05-04 15:36 - 2010-05-04 15:36 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2010-03-24 21:51 - 2010-10-04 20:24 - 00166400 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2011-07-22 18:28 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-09-29 08:41 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-29 08:41 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-29 08:41 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-29 08:41 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-29 08:41 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-29 08:41 - 2014-09-23 06:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
========================= Accounts: ==========================
Administrator (S-1-5-21-3461466893-888975716-1916642457-500 - Administrator - Disabled)
Chris (S-1-5-21-3461466893-888975716-1916642457-1001 - Administrator - Enabled) => C:\Users\Chris
Gast (S-1-5-21-3461466893-888975716-1916642457-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3461466893-888975716-1916642457-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-3461466893-888975716-1916642457-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/21/2014 02:30:37 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "D:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (10/21/2014 02:23:38 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {7aa3ead9-7abb-4bd7-be69-0739ec1a6f5b}
Error: (10/17/2014 09:04:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCSystemTray.exe, Version: 8.4.0.14200, Zeitstempel: 0x53056230
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fe8b7c2ef7
ID des fehlerhaften Prozesses: 0x18d0
Startzeit der fehlerhaften Anwendung: 0xVCSystemTray.exe0
Pfad der fehlerhaften Anwendung: VCSystemTray.exe1
Pfad des fehlerhaften Moduls: VCSystemTray.exe2
Berichtskennung: VCSystemTray.exe3
Error: (10/17/2014 09:04:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCSystemTray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei VDS.Common.MultiDictionary`2[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].<.ctor>b__0(System.__Canon)
bei VDS.RDF.TreeIndexedTripleCollection.Delete(VDS.RDF.Triple)
bei VDS.RDF.Graph.Retract(VDS.RDF.Triple)
bei Solution.InferenceEngineCore.Reasoners.BaseReasoner.RetractSubjectFromContext(VDS.RDF.INode)
bei Solution.InferenceEngineCore.Reasoners.BaseReasoner.UpdateContext(System.String, Boolean)
bei Solution.InferenceEngineCore.InferenceEngine.InferenceEngine.UpdateContext(System.String, Boolean)
bei VAIOCareToolkit.App.CrossModuleCommunication`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Publish(System.__Canon)
bei VAIOCareToolkit.App.BaseBootstrapper.PluginInitialization(System.ComponentModel.Composition.Hosting.AggregateCatalog)
bei VAIOCareToolkit.App.BaseBootstrapper.InitializePluginsInThread(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/17/2014 08:54:13 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {1faba8ef-fcf3-4d6d-8dd3-cf3efa174055}
Error: (10/16/2014 08:43:37 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {45d7332d-ebbc-4fc4-8211-c803bbe2f6f9}
Error: (10/16/2014 07:34:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCSystemTray.exe, Version: 8.4.0.14200, Zeitstempel: 0x53056230
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x1d84
Startzeit der fehlerhaften Anwendung: 0xVCSystemTray.exe0
Pfad der fehlerhaften Anwendung: VCSystemTray.exe1
Pfad des fehlerhaften Moduls: VCSystemTray.exe2
Berichtskennung: VCSystemTray.exe3
Error: (10/16/2014 07:34:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCSystemTray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentException
Stapel:
bei VDS.RDF.Parsing.TurtleParser.Load(VDS.RDF.IRdfHandler, System.IO.TextReader)
bei Solution.InferenceEngineCore.Graphs.TerraGraph.LoadFromTurtleString(System.String)
bei Solution.InferenceEngineBL.ModuleInit.GetLanguageFromUserContext(System.String)
bei Solution.InferenceEngineBL.ModuleInit.InitializePostLoadPlugins(VAIOCareToolkit.PubSub.PluginLoadXME)
bei VAIOCareToolkit.App.CrossModuleCommunication`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Publish(System.__Canon)
bei VAIOCareToolkit.App.BaseBootstrapper.PluginInitialization(System.ComponentModel.Composition.Hosting.AggregateCatalog)
bei VAIOCareToolkit.App.BaseBootstrapper.InitializePluginsInThread(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/16/2014 07:17:36 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {72804e49-3dbb-46af-95b2-1252b8240717}
Error: (10/15/2014 10:16:47 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "D:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
System errors:
=============
Error: (10/21/2014 02:23:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.
Error: (10/21/2014 02:21:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/21/2014 02:21:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Rapid Storage Technology erreicht.
Error: (10/17/2014 08:55:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB2952664)
Error: (10/17/2014 08:54:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.
Error: (10/16/2014 08:43:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.
Error: (10/16/2014 08:39:03 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (10/16/2014 08:27:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/16/2014 08:27:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.
Error: (10/16/2014 08:27:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (10/21/2014 02:30:37 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: D:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (10/21/2014 02:23:38 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {7aa3ead9-7abb-4bd7-be69-0739ec1a6f5b}
Error: (10/17/2014 09:04:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCSystemTray.exe8.4.0.1420053056230unknown0.0.0.000000000c0000005000007fe8b7c2ef718d001cfea3cb167d04bC:\Program Files\Sony\VAIO Care\VCSystemTray.exeunknown5b75fe07-5630-11e4-91b1-5442495cb672
Error: (10/17/2014 09:04:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCSystemTray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
bei VDS.Common.MultiDictionary`2[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].<.ctor>b__0(System.__Canon)
bei VDS.RDF.TreeIndexedTripleCollection.Delete(VDS.RDF.Triple)
bei VDS.RDF.Graph.Retract(VDS.RDF.Triple)
bei Solution.InferenceEngineCore.Reasoners.BaseReasoner.RetractSubjectFromContext(VDS.RDF.INode)
bei Solution.InferenceEngineCore.Reasoners.BaseReasoner.UpdateContext(System.String, Boolean)
bei Solution.InferenceEngineCore.InferenceEngine.InferenceEngine.UpdateContext(System.String, Boolean)
bei VAIOCareToolkit.App.CrossModuleCommunication`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Publish(System.__Canon)
bei VAIOCareToolkit.App.BaseBootstrapper.PluginInitialization(System.ComponentModel.Composition.Hosting.AggregateCatalog)
bei VAIOCareToolkit.App.BaseBootstrapper.InitializePluginsInThread(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/17/2014 08:54:13 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {1faba8ef-fcf3-4d6d-8dd3-cf3efa174055}
Error: (10/16/2014 08:43:37 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {45d7332d-ebbc-4fc4-8211-c803bbe2f6f9}
Error: (10/16/2014 07:34:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCSystemTray.exe8.4.0.1420053056230KERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d1d8401cfe9656923f267C:\Program Files\Sony\VAIO Care\VCSystemTray.exeC:\Windows\system32\KERNELBASE.dlla88fc2e0-555a-11e4-9038-5442495cb672
Error: (10/16/2014 07:34:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCSystemTray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentException
Stapel:
bei VDS.RDF.Parsing.TurtleParser.Load(VDS.RDF.IRdfHandler, System.IO.TextReader)
bei Solution.InferenceEngineCore.Graphs.TerraGraph.LoadFromTurtleString(System.String)
bei Solution.InferenceEngineBL.ModuleInit.GetLanguageFromUserContext(System.String)
bei Solution.InferenceEngineBL.ModuleInit.InitializePostLoadPlugins(VAIOCareToolkit.PubSub.PluginLoadXME)
bei VAIOCareToolkit.App.CrossModuleCommunication`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Publish(System.__Canon)
bei VAIOCareToolkit.App.BaseBootstrapper.PluginInitialization(System.ComponentModel.Composition.Hosting.AggregateCatalog)
bei VAIOCareToolkit.App.BaseBootstrapper.InitializePluginsInThread(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart(System.Object)
Error: (10/16/2014 07:17:36 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {72804e49-3dbb-46af-95b2-1252b8240717}
Error: (10/15/2014 10:16:47 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: D:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
CodeIntegrity Errors:
===================================
Date: 2014-01-27 23:33:37.839
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 23:33:37.588
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 23:33:37.313
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 23:33:36.835
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 23:33:34.914
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 23:33:34.703
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 23:33:34.398
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-27 23:33:34.169
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 72%
Total physical RAM: 4014.08 MB
Available physical RAM: 1093.19 MB
Total Pagefile: 8026.34 MB
Available Pagefile: 4635.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:455.4 GB) (Free:152.57 GB) NTFS
Drive f: () (Removable) (Total:3.69 GB) (Free:1.9 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4FBD649C)
Partition 1: (Not Active) - (Size=10.3 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
Geändert von ChrisXX (21.10.2014 um 16:34 Uhr) Grund: Logs vergessen |
|
21.10.2014, 16:46
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
21.10.2014, 17:05
| #3 |
| | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt Hi schrauber,
__________________danke für die schnelle Antwort. Habe TDSSkiller wie beschrieben eingestellt und scannen lassen. Hier das Logfile: Code:
ATTFilter 18:01:35.0345 0x1d80 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:01:42.0121 0x1d80 ============================================================
18:01:42.0121 0x1d80 Current date / time: 2014/10/21 18:01:42.0121
18:01:42.0121 0x1d80 SystemInfo:
18:01:42.0122 0x1d80
18:01:42.0122 0x1d80 OS Version: 6.1.7601 ServicePack: 1.0
18:01:42.0122 0x1d80 Product type: Workstation
18:01:42.0122 0x1d80 ComputerName: CHRIS-VAIO
18:01:42.0122 0x1d80 UserName: Chris
18:01:42.0122 0x1d80 Windows directory: C:\Windows
18:01:42.0122 0x1d80 System windows directory: C:\Windows
18:01:42.0122 0x1d80 Running under WOW64
18:01:42.0122 0x1d80 Processor architecture: Intel x64
18:01:42.0122 0x1d80 Number of processors: 4
18:01:42.0122 0x1d80 Page size: 0x1000
18:01:42.0122 0x1d80 Boot type: Normal boot
18:01:42.0122 0x1d80 ============================================================
18:01:48.0446 0x1d80 KLMD registered as C:\Windows\system32\drivers\63764702.sys
18:01:51.0561 0x1d80 System UUID: {AE5A3D55-BB37-8753-36F4-436B2687FC2A}
18:01:56.0600 0x1d80 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:01:57.0781 0x1d80 Drive \Device\Harddisk1\DR1 - Size: 0xEC180000 ( 3.69 Gb ), SectorSize: 0x200, Cylinders: 0x1E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:01:57.0786 0x1d80 ============================================================
18:01:57.0786 0x1d80 \Device\Harddisk0\DR0:
18:01:58.0176 0x1d80 MBR partitions:
18:01:58.0176 0x1d80 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1487800, BlocksNum 0x32000
18:01:58.0176 0x1d80 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x14B9800, BlocksNum 0x38ECC030
18:01:58.0176 0x1d80 \Device\Harddisk1\DR1:
18:01:58.0177 0x1d80 MBR partitions:
18:01:58.0177 0x1d80 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760C00
18:01:58.0177 0x1d80 ============================================================
18:01:58.0393 0x1d80 C: <-> \Device\Harddisk0\DR0\Partition2
18:01:59.0196 0x1d80 ============================================================
18:01:59.0196 0x1d80 Initialize success
18:01:59.0196 0x1d80 ============================================================
18:05:59.0594 0x25ec ============================================================
18:05:59.0594 0x25ec Scan started
18:05:59.0594 0x25ec Mode: Manual; SigCheck; TDLFS;
18:05:59.0594 0x25ec ============================================================
18:05:59.0594 0x25ec KSN ping started
18:06:02.0464 0x25ec KSN ping finished: true
18:06:03.0266 0x25ec ================ Scan system memory ========================
18:06:03.0266 0x25ec System memory - ok
18:06:03.0267 0x25ec ================ Scan services =============================
18:06:03.0456 0x25ec [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:06:04.0149 0x25ec 1394ohci - ok
18:06:04.0483 0x25ec [ E0A8525A951ADDB4655BC2068566407D, 7C08B9DB7C281422FD64219DF81B7064CE16EA53CF00EB1FC33CB0741CE6605F ] 61883 C:\Windows\system32\DRIVERS\61883.sys
18:06:04.0611 0x25ec 61883 - ok
18:06:04.0673 0x25ec [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:06:04.0738 0x25ec ACDaemon - ok
18:06:04.0796 0x25ec [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:06:04.0867 0x25ec ACPI - ok
18:06:04.0918 0x25ec [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:06:05.0020 0x25ec AcpiPmi - ok
18:06:05.0116 0x25ec [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:06:05.0154 0x25ec AdobeARMservice - ok
18:06:05.0287 0x25ec [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:06:05.0333 0x25ec AdobeFlashPlayerUpdateSvc - ok
18:06:05.0367 0x25ec [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:06:05.0414 0x25ec adp94xx - ok
18:06:05.0438 0x25ec [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:06:05.0488 0x25ec adpahci - ok
18:06:05.0504 0x25ec [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:06:05.0532 0x25ec adpu320 - ok
18:06:05.0552 0x25ec [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:06:05.0770 0x25ec AeLookupSvc - ok
18:06:05.0839 0x25ec [ 65F8D71074FCE72B6C491F63535FEDC6, D5EF748DA71AC0EC88E0D33A753FF215CAD42ECEE1263D9FAEA6D059059DE260 ] AF9035BDA C:\Windows\system32\DRIVERS\AF15BDA.sys
18:06:05.0892 0x25ec AF9035BDA - ok
18:06:05.0972 0x25ec [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
18:06:06.0063 0x25ec AFD - ok
18:06:06.0110 0x25ec [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
18:06:06.0142 0x25ec agp440 - ok
18:06:06.0160 0x25ec [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
18:06:06.0243 0x25ec ALG - ok
18:06:06.0283 0x25ec [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
18:06:06.0331 0x25ec aliide - ok
18:06:06.0355 0x25ec [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
18:06:06.0379 0x25ec amdide - ok
18:06:06.0407 0x25ec [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:06:06.0470 0x25ec AmdK8 - ok
18:06:06.0489 0x25ec [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:06:06.0529 0x25ec AmdPPM - ok
18:06:06.0570 0x25ec [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:06:06.0599 0x25ec amdsata - ok
18:06:06.0618 0x25ec [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:06:06.0646 0x25ec amdsbs - ok
18:06:06.0658 0x25ec [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:06:06.0687 0x25ec amdxata - ok
18:06:06.0708 0x25ec [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38, 916CA4FE1899609AB36E66CB90D69EC487C1913C9C542760564BCFFF1B6E8070 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
18:06:06.0751 0x25ec ApfiltrService - ok
18:06:06.0793 0x25ec [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
18:06:07.0005 0x25ec AppID - ok
18:06:07.0031 0x25ec [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:06:07.0104 0x25ec AppIDSvc - ok
18:06:07.0151 0x25ec [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
18:06:07.0269 0x25ec Appinfo - ok
18:06:07.0363 0x25ec [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:06:07.0395 0x25ec Apple Mobile Device - ok
18:06:07.0419 0x25ec [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
18:06:07.0454 0x25ec arc - ok
18:06:07.0476 0x25ec [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:06:07.0502 0x25ec arcsas - ok
18:06:07.0523 0x25ec [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
18:06:07.0544 0x25ec ArcSoftKsUFilter - ok
18:06:07.0646 0x25ec [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:06:07.0786 0x25ec aspnet_state - ok
18:06:07.0797 0x25ec [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:06:07.0869 0x25ec AsyncMac - ok
18:06:07.0907 0x25ec [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
18:06:07.0936 0x25ec atapi - ok
18:06:08.0024 0x25ec [ 08BAAA2432E81031A6C3B11AD5A67E2B, BB909746B0FBC731BA7D64E9332FF367C8D37E7053B304F0FC08B270D3683D57 ] athr C:\Windows\system32\DRIVERS\athrx.sys
18:06:08.0187 0x25ec athr - ok
18:06:08.0250 0x25ec [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:06:08.0360 0x25ec AudioEndpointBuilder - ok
18:06:08.0396 0x25ec [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:06:08.0470 0x25ec AudioSrv - ok
18:06:08.0508 0x25ec [ 16FABE84916623D0607E4A975544032C, 9D960CAE27B1769ED5B024C0A3375912432521C73C1F59E21111596A7981BDC3 ] Avc C:\Windows\system32\DRIVERS\avc.sys
18:06:08.0556 0x25ec Avc - ok
18:06:08.0601 0x25ec [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:06:08.0747 0x25ec AxInstSV - ok
18:06:08.0787 0x25ec [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:06:08.0874 0x25ec b06bdrv - ok
18:06:08.0901 0x25ec [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:06:08.0954 0x25ec b57nd60a - ok
18:06:08.0981 0x25ec [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
18:06:09.0049 0x25ec BDESVC - ok
18:06:09.0058 0x25ec [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
18:06:09.0124 0x25ec Beep - ok
18:06:09.0191 0x25ec [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
18:06:09.0330 0x25ec BFE - ok
18:06:09.0427 0x25ec [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
18:06:09.0558 0x25ec BITS - ok
18:06:09.0585 0x25ec [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:06:09.0623 0x25ec blbdrive - ok
18:06:09.0718 0x25ec [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:06:09.0780 0x25ec Bonjour Service - ok
18:06:09.0828 0x25ec [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:06:09.0896 0x25ec bowser - ok
18:06:09.0915 0x25ec [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:06:09.0973 0x25ec BrFiltLo - ok
18:06:09.0979 0x25ec [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:06:10.0015 0x25ec BrFiltUp - ok
18:06:10.0070 0x25ec [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
18:06:10.0148 0x25ec Browser - ok
18:06:10.0171 0x25ec [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:06:10.0239 0x25ec Brserid - ok
18:06:10.0253 0x25ec [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:06:10.0314 0x25ec BrSerWdm - ok
18:06:10.0329 0x25ec [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:06:10.0373 0x25ec BrUsbMdm - ok
18:06:10.0380 0x25ec [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:06:10.0454 0x25ec BrUsbSer - ok
18:06:10.0504 0x25ec [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
18:06:10.0536 0x25ec BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:06:12.0992 0x25ec Detect skipped due to KSN trusted
18:06:12.0993 0x25ec BrYNSvc - ok
18:06:13.0040 0x25ec [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:06:13.0168 0x25ec BthEnum - ok
18:06:13.0194 0x25ec [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:06:13.0240 0x25ec BTHMODEM - ok
18:06:13.0260 0x25ec [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:06:13.0303 0x25ec BthPan - ok
18:06:13.0338 0x25ec [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:06:13.0414 0x25ec BTHPORT - ok
18:06:13.0442 0x25ec [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
18:06:13.0510 0x25ec bthserv - ok
18:06:13.0527 0x25ec [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:06:13.0566 0x25ec BTHUSB - ok
18:06:13.0602 0x25ec [ 71A07B6FC98030935E60EDBFFE9E9C85, DEEDEF1381E16C41646EB28915BC6BABEB4F47CFA30549F904D08E341FA987AC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
18:06:13.0645 0x25ec btwampfl - ok
18:06:13.0681 0x25ec [ BA5622F5544C6C445DFF1A05ACC8B19D, D9B3FBED2EDE92E16AEC5A6E3E69768540083A9AB3D80E3E8DC9218B7BD78DED ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
18:06:13.0708 0x25ec btwaudio - ok
18:06:13.0733 0x25ec [ A11905D0F4BD34771F195217B6AA5AE0, 2E7096E278978773C42E06833D2207DE7B4A9DBC4AF09415DCADD27372C4C0AE ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
18:06:13.0759 0x25ec btwavdt - ok
18:06:13.0825 0x25ec [ 1AF4ADB12E5EC25041166DA38C3B42C9, 1EFC43C4B0F4F83DFB40FBAEC8DCAF45FEEC6221EC2036C07A7774B511D104EE ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:06:13.0883 0x25ec btwdins - ok
18:06:13.0903 0x25ec [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
18:06:13.0924 0x25ec btwl2cap - ok
18:06:13.0935 0x25ec [ BD776F32D64EC615BE4563DC2747224E, D0CFB25919051DC5654CC47BBD785D304BEEA4BEBC99BEFCE74C53C439AB33ED ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
18:06:13.0970 0x25ec btwrchid - ok
18:06:13.0995 0x25ec [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:06:14.0056 0x25ec cdfs - ok
18:06:14.0111 0x25ec [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:06:14.0187 0x25ec cdrom - ok
18:06:14.0234 0x25ec [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
18:06:14.0332 0x25ec CertPropSvc - ok
18:06:14.0385 0x25ec [ 27468DB367ABCFE855796775DB949AC1, F2DFC8CFBFCDC94798A5ADAAC96001927F9CE316751D42651C3AF1E52F1DC7EF ] cfwids C:\Windows\system32\drivers\cfwids.sys
18:06:14.0412 0x25ec cfwids - ok
18:06:14.0443 0x25ec [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
18:06:14.0485 0x25ec circlass - ok
18:06:14.0516 0x25ec [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
18:06:14.0554 0x25ec CLFS - ok
18:06:14.0609 0x25ec [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:06:14.0633 0x25ec clr_optimization_v2.0.50727_32 - ok
18:06:14.0674 0x25ec [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:06:14.0731 0x25ec clr_optimization_v2.0.50727_64 - ok
18:06:14.0800 0x25ec [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:06:14.0952 0x25ec clr_optimization_v4.0.30319_32 - ok
18:06:14.0982 0x25ec [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:06:15.0026 0x25ec clr_optimization_v4.0.30319_64 - ok
18:06:15.0045 0x25ec [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
18:06:15.0079 0x25ec CmBatt - ok
18:06:15.0119 0x25ec [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:06:15.0143 0x25ec cmdide - ok
18:06:15.0207 0x25ec [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
18:06:15.0316 0x25ec CNG - ok
18:06:15.0345 0x25ec [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:06:15.0379 0x25ec Compbatt - ok
18:06:15.0418 0x25ec [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:06:15.0472 0x25ec CompositeBus - ok
18:06:15.0479 0x25ec COMSysApp - ok
18:06:15.0491 0x25ec [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:06:15.0522 0x25ec crcdisk - ok
18:06:15.0577 0x25ec [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:06:15.0704 0x25ec CryptSvc - ok
18:06:15.0777 0x25ec [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:06:15.0872 0x25ec DcomLaunch - ok
18:06:15.0910 0x25ec [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
18:06:15.0998 0x25ec defragsvc - ok
18:06:16.0041 0x25ec [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:06:16.0107 0x25ec DfsC - ok
18:06:16.0163 0x25ec [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:06:16.0243 0x25ec Dhcp - ok
18:06:16.0274 0x25ec [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
18:06:16.0337 0x25ec discache - ok
18:06:16.0372 0x25ec [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
18:06:16.0396 0x25ec Disk - ok
18:06:16.0446 0x25ec [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:06:16.0501 0x25ec Dnscache - ok
18:06:16.0554 0x25ec [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
18:06:16.0634 0x25ec dot3svc - ok
18:06:16.0678 0x25ec [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
18:06:16.0742 0x25ec DPS - ok
18:06:16.0788 0x25ec [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:06:16.0863 0x25ec drmkaud - ok
18:06:16.0942 0x25ec [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:06:17.0009 0x25ec DXGKrnl - ok
18:06:17.0036 0x25ec [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
18:06:17.0090 0x25ec EapHost - ok
18:06:17.0235 0x25ec [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:06:17.0464 0x25ec ebdrv - ok
18:06:17.0518 0x25ec [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
18:06:17.0678 0x25ec EFS - ok
18:06:17.0811 0x25ec [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:06:17.0955 0x25ec ehRecvr - ok
18:06:18.0006 0x25ec [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
18:06:18.0084 0x25ec ehSched - ok
18:06:18.0182 0x25ec [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:06:18.0255 0x25ec elxstor - ok
18:06:18.0301 0x25ec [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:06:18.0338 0x25ec ErrDev - ok
18:06:18.0426 0x25ec [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
18:06:18.0525 0x25ec EventSystem - ok
18:06:18.0636 0x25ec [ 51643EE2712D9212E1E53CA7E8D8EB4A, A365245D1F0354E57FDD23925259787ECE63E6B0C29F3DC2D43BD7027F06D906 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:06:18.0709 0x25ec EvtEng - ok
18:06:18.0728 0x25ec [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
18:06:18.0790 0x25ec exfat - ok
18:06:18.0816 0x25ec [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:06:18.0885 0x25ec fastfat - ok
18:06:18.0955 0x25ec [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
18:06:19.0098 0x25ec Fax - ok
18:06:19.0121 0x25ec [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
18:06:19.0166 0x25ec fdc - ok
18:06:19.0203 0x25ec [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
18:06:19.0280 0x25ec fdPHost - ok
18:06:19.0298 0x25ec [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
18:06:19.0356 0x25ec FDResPub - ok
18:06:19.0387 0x25ec [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:06:19.0418 0x25ec FileInfo - ok
18:06:19.0429 0x25ec [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:06:19.0478 0x25ec Filetrace - ok
18:06:19.0564 0x25ec [ 414FFB55A82C3E0378DA2A4D80F59926, 66784D357D51D112719390C1CD48072BDFB8387DCC3B14D439A2CF45D7EF7806 ] FlagfoxUpdater C:\Users\Chris\AppData\LocalLow\Flagfox\IE\FlagfoxUpdater.exe
18:06:19.0604 0x25ec FlagfoxUpdater - detected UnsignedFile.Multi.Generic ( 1 )
18:06:22.0073 0x25ec Detect skipped due to KSN trusted
18:06:22.0073 0x25ec FlagfoxUpdater - ok
18:06:22.0133 0x25ec [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:06:22.0197 0x25ec flpydisk - ok
18:06:22.0257 0x25ec [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:06:22.0305 0x25ec FltMgr - ok
18:06:22.0385 0x25ec [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
18:06:22.0519 0x25ec FontCache - ok
18:06:22.0589 0x25ec [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:06:22.0623 0x25ec FontCache3.0.0.0 - ok
18:06:22.0634 0x25ec [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:06:22.0676 0x25ec FsDepends - ok
18:06:22.0705 0x25ec [ 53DAB1791917A72738539AD25C4EED7F, 3DE667E8B894EE1A1A814AF2153901AFE2A320BDB3B2A51330D987636B1BC6BE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
18:06:22.0746 0x25ec fssfltr - ok
18:06:22.0849 0x25ec [ 45B52394F9624237F33A8A3D73C0B221, AC3E26F9D0E8A91164C54E87C9C8BFCF824A14C80D4CEF3255C6127A482F25FE ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:06:22.0928 0x25ec fsssvc - ok
18:06:22.0976 0x25ec [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:06:23.0017 0x25ec Fs_Rec - ok
18:06:23.0068 0x25ec [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:06:23.0109 0x25ec fvevol - ok
18:06:23.0130 0x25ec [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:06:23.0171 0x25ec gagp30kx - ok
18:06:23.0212 0x25ec [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:06:23.0246 0x25ec GEARAspiWDM - ok
18:06:23.0317 0x25ec [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
18:06:23.0419 0x25ec gpsvc - ok
18:06:23.0475 0x25ec [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:06:23.0502 0x25ec gupdate - ok
18:06:23.0513 0x25ec [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:06:23.0535 0x25ec gupdatem - ok
18:06:23.0561 0x25ec [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:06:23.0593 0x25ec gusvc - ok
18:06:23.0610 0x25ec [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:06:23.0705 0x25ec hcw85cir - ok
18:06:23.0765 0x25ec [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:06:23.0856 0x25ec HdAudAddService - ok
18:06:23.0875 0x25ec [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:06:23.0920 0x25ec HDAudBus - ok
18:06:23.0937 0x25ec [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:06:23.0971 0x25ec HidBatt - ok
18:06:23.0987 0x25ec [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:06:24.0034 0x25ec HidBth - ok
18:06:24.0052 0x25ec [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
18:06:24.0096 0x25ec HidIr - ok
18:06:24.0119 0x25ec [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
18:06:24.0168 0x25ec hidserv - ok
18:06:24.0208 0x25ec [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:06:24.0257 0x25ec HidUsb - ok
18:06:24.0293 0x25ec [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
18:06:24.0327 0x25ec HipShieldK - ok
18:06:24.0373 0x25ec [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:06:24.0468 0x25ec hkmsvc - ok
18:06:24.0515 0x25ec [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:06:24.0627 0x25ec HomeGroupListener - ok
18:06:24.0679 0x25ec [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:06:24.0719 0x25ec HomeGroupProvider - ok
18:06:24.0877 0x25ec [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:06:24.0945 0x25ec HomeNetSvc - ok
18:06:25.0002 0x25ec [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:06:25.0043 0x25ec HpSAMD - ok
18:06:25.0108 0x25ec [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:06:25.0206 0x25ec HTTP - ok
18:06:25.0251 0x25ec [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:06:25.0281 0x25ec hwpolicy - ok
18:06:25.0296 0x25ec [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:06:25.0329 0x25ec i8042prt - ok
18:06:25.0373 0x25ec [ 073A606333B6F7BBF20AA856DF7F0997, 513927CA430511A5B95F6CBE5FBD20F8C2202B609F88C4526C174A4FF7F761FC ] iaStor C:\Windows\system32\drivers\iaStor.sys
18:06:25.0426 0x25ec iaStor - ok
18:06:25.0465 0x25ec [ CC800D2D9FD467542BAC7C186C4774AD, 2C2B975DAE6643D3CC5B93B6B58266C0B7E752651FB73B512ECA44FADB8AB839 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:06:25.0485 0x25ec IAStorDataMgrSvc - ok
18:06:25.0516 0x25ec [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:06:25.0569 0x25ec iaStorV - ok
18:06:25.0651 0x25ec [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:06:25.0726 0x25ec idsvc - ok
18:06:25.0733 0x25ec IEEtwCollectorService - ok
18:06:25.0760 0x25ec [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:06:25.0781 0x25ec iirsp - ok
18:06:25.0869 0x25ec [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
18:06:25.0967 0x25ec IKEEXT - ok
18:06:25.0999 0x25ec [ 4B6363CD4610BB848531BB260B15DFCC, 13A8AA9571497086341AC00797EFF212FF76EE62F9CFF758D3C08B377EC7BF04 ] Impcd C:\Windows\system32\drivers\Impcd.sys
18:06:26.0070 0x25ec Impcd - ok
18:06:26.0167 0x25ec [ 2E3B99E8C23BE2BF32EBE1DB5261F275, F78C556A5152568301E8F8A2B02B154D802448D5402AB916AF8F59A95FDF479D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:06:26.0293 0x25ec IntcAzAudAddService - ok
18:06:26.0344 0x25ec [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:06:26.0399 0x25ec intelide - ok
18:06:26.0423 0x25ec [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:06:26.0472 0x25ec intelppm - ok
18:06:26.0504 0x25ec [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:06:26.0569 0x25ec IPBusEnum - ok
18:06:26.0619 0x25ec [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:06:26.0687 0x25ec IpFilterDriver - ok
18:06:26.0766 0x25ec [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:06:26.0874 0x25ec iphlpsvc - ok
18:06:26.0925 0x25ec [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:06:26.0985 0x25ec IPMIDRV - ok
18:06:27.0007 0x25ec [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:06:27.0073 0x25ec IPNAT - ok
18:06:27.0149 0x25ec [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:06:27.0219 0x25ec iPod Service - ok
18:06:27.0239 0x25ec [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:06:27.0347 0x25ec IRENUM - ok
18:06:27.0409 0x25ec [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:06:27.0460 0x25ec isapnp - ok
18:06:27.0514 0x25ec [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:06:27.0560 0x25ec iScsiPrt - ok
18:06:27.0594 0x25ec [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
18:06:27.0622 0x25ec IviRegMgr - ok
18:06:27.0640 0x25ec [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:06:27.0670 0x25ec kbdclass - ok
18:06:27.0712 0x25ec [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:06:27.0746 0x25ec kbdhid - ok
18:06:27.0764 0x25ec [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
18:06:27.0797 0x25ec KeyIso - ok
18:06:27.0842 0x25ec [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:06:27.0878 0x25ec KSecDD - ok
18:06:27.0899 0x25ec [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:06:27.0925 0x25ec KSecPkg - ok
18:06:27.0937 0x25ec [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:06:28.0001 0x25ec ksthunk - ok
18:06:28.0059 0x25ec [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:06:28.0141 0x25ec KtmRm - ok
18:06:28.0191 0x25ec [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:06:28.0259 0x25ec LanmanServer - ok
18:06:28.0334 0x25ec [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:06:28.0426 0x25ec LanmanWorkstation - ok
18:06:28.0442 0x25ec [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:06:28.0500 0x25ec lltdio - ok
18:06:28.0533 0x25ec [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:06:28.0606 0x25ec lltdsvc - ok
18:06:28.0627 0x25ec [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:06:28.0683 0x25ec lmhosts - ok
18:06:28.0717 0x25ec [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:06:28.0748 0x25ec LSI_FC - ok
18:06:28.0764 0x25ec [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:06:28.0797 0x25ec LSI_SAS - ok
18:06:28.0813 0x25ec [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:06:28.0844 0x25ec LSI_SAS2 - ok
18:06:28.0859 0x25ec [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:06:28.0884 0x25ec LSI_SCSI - ok
18:06:28.0910 0x25ec [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:06:28.0966 0x25ec luafv - ok
18:06:29.0052 0x25ec [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
18:06:29.0080 0x25ec McAfee SiteAdvisor Service - ok
18:06:29.0238 0x25ec [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
18:06:29.0264 0x25ec McAPExe - ok
18:06:29.0388 0x25ec [ 8A7F33C3B8D9FCAA69803E3DE05BE216, D8504A752D3F74A5BEF7B250AD00B481591DC854C9A019C6A87C606C165B27B6 ] McComponentHostServiceSony C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe
18:06:29.0441 0x25ec McComponentHostServiceSony - ok
18:06:29.0465 0x25ec [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:06:29.0499 0x25ec McMPFSvc - ok
18:06:29.0523 0x25ec [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:06:29.0549 0x25ec McNaiAnn - ok
18:06:29.0670 0x25ec [ 7F8446D8AD9161B34DC7C209FB148A5A, 26B07EB138992586FC410849172A63ACC26D99ED59B568EFF9C93ED2EB129453 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
18:06:29.0730 0x25ec McODS - ok
18:06:29.0753 0x25ec [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:06:29.0787 0x25ec mcpltsvc - ok
18:06:29.0811 0x25ec [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:06:29.0837 0x25ec McProxy - ok
18:06:29.0887 0x25ec [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:06:29.0931 0x25ec Mcx2Svc - ok
18:06:29.0968 0x25ec [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
18:06:29.0998 0x25ec megasas - ok
18:06:30.0022 0x25ec [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:06:30.0062 0x25ec MegaSR - ok
18:06:30.0086 0x25ec [ D0574EF9490EBD32DFA14D3C16195DE2, 7F5623562E74BD09717103247CE9155F07092BC633B5647ED3C99A95283413B4 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
18:06:30.0117 0x25ec mfeapfk - ok
18:06:30.0167 0x25ec [ 7B6A4509A2444F5F0689B2579E245177, 95A3A3560E253B7459F1B7C9E4E21008C725BA1A2C5F4E5FBAD1AB383058E2F6 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
18:06:30.0209 0x25ec mfeavfk - ok
18:06:30.0282 0x25ec [ 28E4FB2E9918C2E680BE9FD8E130471C, DFD1738F2CC0743F2CD9754CAFFFFC4D38590AF8AD2E1159F8FEAC9E9922E4B8 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
18:06:30.0348 0x25ec mfecore - ok
18:06:30.0437 0x25ec [ E7C6587AC8FB0BABEF6AB1733AFA8FEC, 1624B8D9C9431A2030B8C8CFAA90F56A9EE4039D2426A521C4102A68D2F8E3CD ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
18:06:30.0498 0x25ec mfefire - ok
18:06:30.0562 0x25ec [ 92AD9892D534CA58E020375C94E0307E, 3062625853C759852C5172040C69840315676A01A62EECFC53F55E6379DB190C ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
18:06:30.0641 0x25ec mfefirek - ok
18:06:30.0693 0x25ec [ B6622A5B197D021647AE20E0D4C229B9, 15D64928FDB207C183A69E7CFB90BFFBF25F1AB14059EDEFDF021F323025F4E8 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
18:06:30.0755 0x25ec mfehidk - ok
18:06:30.0846 0x25ec [ 6CD9133BC4B5DF25FB8BCBC382C8466F, F3C938D1EDD61EE1B227112CB027804E0AAD16CBCDD67EEE1D8EAABDFC996BA1 ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
18:06:30.0902 0x25ec mfencbdc - ok
18:06:30.0925 0x25ec [ 408DC249009CDB3C9B299716C861C64B, 3EFBFA8EE857CBF4C6A29E0D1DA38EB21B57D5BA1F6CC544503CA8253E9BFF12 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
18:06:30.0949 0x25ec mfencrk - ok
18:06:31.0008 0x25ec [ 64BAFB4E5377056CDD71531097D69F6E, 28B434C1DB9AD930C5A32584C51FE1B3A4526952EBC953DAE775701E270C76C5 ] mfevtp C:\Windows\system32\mfevtps.exe
18:06:31.0069 0x25ec mfevtp - ok
18:06:31.0127 0x25ec [ A58F979117A424CDB33C21396887800F, E857E74BB08E49AEDC7EE21C9FDA36053113E04F8D29B9DBC3A2A3F0667915C6 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
18:06:31.0167 0x25ec mfewfpk - ok
18:06:31.0207 0x25ec [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:06:31.0271 0x25ec MMCSS - ok
18:06:31.0402 0x25ec [ 8CC001C65C31633171991FA72A551D43, F256EED72C712C2B5C1DB6DE31DA52609EC0E47EB869E7BC0B70B286593A96DB ] MOBKbackup C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
18:06:31.0452 0x25ec MOBKbackup - ok
18:06:31.0507 0x25ec [ 3800C23D0D90C59AAFCDEFDC82B5C4AF, D949CACB9EF881194B06A961071938F57F3AD57EBB5440B6E7F0B340757641BD ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
18:06:31.0553 0x25ec MOBKFilter - ok
18:06:31.0583 0x25ec [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:06:31.0658 0x25ec Modem - ok
18:06:31.0680 0x25ec [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:06:31.0722 0x25ec monitor - ok
18:06:31.0769 0x25ec [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:06:31.0792 0x25ec mouclass - ok
18:06:31.0809 0x25ec [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:06:31.0851 0x25ec mouhid - ok
18:06:31.0907 0x25ec [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:06:31.0960 0x25ec mountmgr - ok
18:06:31.0982 0x25ec [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:06:32.0008 0x25ec mpio - ok
18:06:32.0037 0x25ec [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:06:32.0095 0x25ec mpsdrv - ok
18:06:32.0180 0x25ec [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:06:32.0285 0x25ec MpsSvc - ok
18:06:32.0336 0x25ec [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:06:32.0397 0x25ec MRxDAV - ok
18:06:32.0449 0x25ec [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:06:32.0505 0x25ec mrxsmb - ok
18:06:32.0572 0x25ec [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:06:32.0654 0x25ec mrxsmb10 - ok
18:06:32.0696 0x25ec [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:06:32.0761 0x25ec mrxsmb20 - ok
18:06:32.0812 0x25ec [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:06:32.0840 0x25ec msahci - ok
18:06:32.0889 0x25ec [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:06:32.0917 0x25ec msdsm - ok
18:06:32.0934 0x25ec [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:06:32.0971 0x25ec MSDTC - ok
18:06:33.0023 0x25ec [ 72949A24D37A20A54B3D4D3DADBB55E9, 580B59EF2DFA4F6EE27BA37904F0705CBCD74F9B07D2D795093C045F94AE6DB5 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
18:06:33.0059 0x25ec MSDV - ok
18:06:33.0079 0x25ec [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:06:33.0129 0x25ec Msfs - ok
18:06:33.0141 0x25ec [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:06:33.0196 0x25ec mshidkmdf - ok
18:06:33.0244 0x25ec [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:06:33.0281 0x25ec msisadrv - ok
18:06:33.0308 0x25ec [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:06:33.0377 0x25ec MSiSCSI - ok
18:06:33.0385 0x25ec msiserver - ok
18:06:33.0409 0x25ec [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:06:33.0443 0x25ec MSK80Service - ok
18:06:33.0464 0x25ec [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:06:33.0523 0x25ec MSKSSRV - ok
18:06:33.0536 0x25ec [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:06:33.0596 0x25ec MSPCLOCK - ok
18:06:33.0613 0x25ec [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:06:33.0678 0x25ec MSPQM - ok
18:06:33.0743 0x25ec [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:06:33.0806 0x25ec MsRPC - ok
18:06:33.0823 0x25ec [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:06:33.0847 0x25ec mssmbios - ok
18:06:33.0865 0x25ec [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:06:33.0928 0x25ec MSTEE - ok
18:06:33.0942 0x25ec [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:06:33.0983 0x25ec MTConfig - ok
18:06:34.0003 0x25ec [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:06:34.0034 0x25ec Mup - ok
18:06:34.0102 0x25ec [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
18:06:34.0222 0x25ec napagent - ok
18:06:34.0253 0x25ec [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:06:34.0322 0x25ec NativeWifiP - ok
18:06:34.0390 0x25ec [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
18:06:34.0454 0x25ec NDIS - ok
18:06:34.0471 0x25ec [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:06:34.0530 0x25ec NdisCap - ok
18:06:34.0547 0x25ec [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:06:34.0595 0x25ec NdisTapi - ok
18:06:34.0618 0x25ec [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:06:34.0673 0x25ec Ndisuio - ok
18:06:34.0709 0x25ec [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:06:34.0770 0x25ec NdisWan - ok
18:06:34.0793 0x25ec [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:06:34.0855 0x25ec NDProxy - ok
18:06:34.0869 0x25ec [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:06:34.0925 0x25ec NetBIOS - ok
18:06:34.0976 0x25ec [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:06:35.0045 0x25ec NetBT - ok
18:06:35.0066 0x25ec [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
18:06:35.0099 0x25ec Netlogon - ok
18:06:35.0135 0x25ec [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:06:35.0213 0x25ec Netman - ok
18:06:35.0270 0x25ec [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:06:35.0347 0x25ec NetMsmqActivator - ok
18:06:35.0384 0x25ec [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:06:35.0413 0x25ec NetPipeActivator - ok
18:06:35.0436 0x25ec [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:06:35.0511 0x25ec netprofm - ok
18:06:35.0532 0x25ec [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:06:35.0564 0x25ec NetTcpActivator - ok
18:06:35.0581 0x25ec [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:06:35.0619 0x25ec NetTcpPortSharing - ok
18:06:35.0865 0x25ec [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
18:06:36.0221 0x25ec NETw5s64 - ok
18:06:36.0628 0x25ec [ 98CF53F7B23F77D082805D5DBBD99A4E, 84285D0192B945262F69FE902C76519741425BD7C674364D6E11F96D2BC38B10 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
18:06:37.0122 0x25ec NETwNs64 - ok
18:06:37.0163 0x25ec [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:06:37.0187 0x25ec nfrd960 - ok
18:06:37.0214 0x25ec [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:06:37.0264 0x25ec NlaSvc - ok
18:06:37.0283 0x25ec [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:06:37.0373 0x25ec Npfs - ok
18:06:37.0419 0x25ec [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:06:37.0509 0x25ec nsi - ok
18:06:37.0531 0x25ec [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:06:37.0598 0x25ec nsiproxy - ok
18:06:37.0723 0x25ec [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:06:37.0826 0x25ec Ntfs - ok
18:06:37.0847 0x25ec [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:06:37.0912 0x25ec Null - ok
18:06:37.0946 0x25ec [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
18:06:37.0980 0x25ec NVHDA - ok
18:06:38.0379 0x25ec [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:06:38.0951 0x25ec nvlddmkm - ok
18:06:39.0033 0x25ec [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:06:39.0082 0x25ec nvraid - ok
18:06:39.0106 0x25ec [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:06:39.0142 0x25ec nvstor - ok
18:06:39.0205 0x25ec [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc C:\Windows\system32\nvvsvc.exe
18:06:39.0272 0x25ec nvsvc - ok
18:06:39.0389 0x25ec [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:06:39.0483 0x25ec nvUpdatusService - ok
18:06:39.0543 0x25ec [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:06:39.0583 0x25ec nv_agp - ok
18:06:39.0617 0x25ec [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:06:39.0641 0x25ec ohci1394 - ok
18:06:39.0679 0x25ec [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:06:39.0821 0x25ec p2pimsvc - ok
18:06:39.0864 0x25ec [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:06:39.0924 0x25ec p2psvc - ok
18:06:39.0970 0x25ec [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
18:06:40.0020 0x25ec Parport - ok
18:06:40.0088 0x25ec [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:06:40.0135 0x25ec partmgr - ok
18:06:40.0161 0x25ec [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
18:06:40.0215 0x25ec PcaSvc - ok
18:06:40.0267 0x25ec [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
18:06:40.0298 0x25ec pci - ok
18:06:40.0339 0x25ec [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
18:06:40.0369 0x25ec pciide - ok
18:06:40.0396 0x25ec [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:06:40.0432 0x25ec pcmcia - ok
18:06:40.0456 0x25ec [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:06:40.0482 0x25ec pcw - ok
18:06:40.0518 0x25ec [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:06:40.0614 0x25ec PEAUTH - ok
18:06:40.0711 0x25ec [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:06:40.0784 0x25ec PerfHost - ok
18:06:40.0902 0x25ec [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
18:06:41.0024 0x25ec pla - ok
18:06:41.0096 0x25ec [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:06:41.0202 0x25ec PlugPlay - ok
18:06:41.0279 0x25ec [ 627FA58ADC043704F9D14CA44340956F, 92306D5EE64812775E2A2E65F6666A5805CC4DD8BEB3E2FC64CCA087EF471D1F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
18:06:41.0342 0x25ec PMBDeviceInfoProvider - ok
18:06:41.0358 0x25ec [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:06:41.0405 0x25ec PNRPAutoReg - ok
18:06:41.0429 0x25ec [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:06:41.0470 0x25ec PNRPsvc - ok
18:06:41.0545 0x25ec [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:06:41.0652 0x25ec PolicyAgent - ok
18:06:41.0688 0x25ec [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
18:06:41.0768 0x25ec Power - ok
18:06:41.0819 0x25ec [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:06:41.0892 0x25ec PptpMiniport - ok
18:06:41.0944 0x25ec [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
18:06:42.0016 0x25ec Processor - ok
18:06:42.0072 0x25ec [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
18:06:42.0129 0x25ec ProfSvc - ok
18:06:42.0145 0x25ec [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:06:42.0178 0x25ec ProtectedStorage - ok
18:06:42.0230 0x25ec [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:06:42.0297 0x25ec Psched - ok
18:06:42.0353 0x25ec [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
18:06:42.0410 0x25ec PSI_SVC_2 - ok
18:06:42.0453 0x25ec [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
18:06:42.0478 0x25ec PxHlpa64 - ok
18:06:42.0548 0x25ec [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:06:42.0650 0x25ec ql2300 - ok
18:06:42.0680 0x25ec [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:06:42.0705 0x25ec ql40xx - ok
18:06:42.0743 0x25ec [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:06:42.0791 0x25ec QWAVE - ok
18:06:42.0814 0x25ec [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:06:42.0853 0x25ec QWAVEdrv - ok
18:06:42.0875 0x25ec [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:06:42.0934 0x25ec RasAcd - ok
18:06:42.0954 0x25ec [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:06:43.0020 0x25ec RasAgileVpn - ok
18:06:43.0044 0x25ec [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:06:43.0100 0x25ec RasAuto - ok
18:06:43.0154 0x25ec [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:06:43.0250 0x25ec Rasl2tp - ok
18:06:43.0313 0x25ec [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:06:43.0433 0x25ec RasMan - ok
18:06:43.0461 0x25ec [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:06:43.0523 0x25ec RasPppoe - ok
18:06:43.0548 0x25ec [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:06:43.0609 0x25ec RasSstp - ok
18:06:43.0669 0x25ec [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:06:43.0764 0x25ec rdbss - ok
18:06:43.0787 0x25ec [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:06:43.0823 0x25ec rdpbus - ok
18:06:43.0838 0x25ec [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:06:43.0899 0x25ec RDPCDD - ok
18:06:43.0923 0x25ec [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:06:43.0988 0x25ec RDPENCDD - ok
18:06:44.0010 0x25ec [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:06:44.0059 0x25ec RDPREFMP - ok
18:06:44.0135 0x25ec [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:06:44.0252 0x25ec RdpVideoMiniport - ok
18:06:44.0311 0x25ec [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:06:44.0394 0x25ec RDPWD - ok
18:06:44.0448 0x25ec [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:06:44.0490 0x25ec rdyboost - ok
18:06:44.0522 0x25ec [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6, A0E808EA9A58FC99D694A9EBF1F7248B79CAA44D9E6E30A07CDEDBC72A8F3610 ] regi C:\Windows\system32\drivers\regi.sys
18:06:44.0549 0x25ec regi - ok
18:06:44.0641 0x25ec [ 3B71B5B91E7DCA93585D5A86C897ADC4, F0A17C1282F7613B35932226598AF7B3F653FF74DB0107EBB63BC5F1DCFC757B ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:06:44.0705 0x25ec RegSrvc - ok
18:06:44.0743 0x25ec [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:06:44.0809 0x25ec RemoteAccess - ok
18:06:44.0847 0x25ec [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:06:44.0914 0x25ec RemoteRegistry - ok
18:06:44.0946 0x25ec [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:06:44.0986 0x25ec RFCOMM - ok
18:06:45.0013 0x25ec [ 6DED176A14770339F1415CFDBCC9E07F, 5949005C65964181EDCB40F6224AD8CE7DDCC9762C09957F2DC1E8CE9AEB12D2 ] rimspci C:\Windows\system32\drivers\rimssne64.sys
18:06:45.0052 0x25ec rimspci - ok
18:06:45.0073 0x25ec [ DDF5F666C2A5B3729E8BEA01FB999CC0, 7143E35A8F9BA2A892FEAB6EDBC217DB6B20770A374C01F714105E67E10A7512 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
18:06:45.0132 0x25ec risdsnpe - ok
18:06:45.0205 0x25ec [ BA6CE930E1453677F7565AE45181AD76, 92DEB7BF8E9ED32B7E0FE20A05F8C0ECDE7B0EC6F25ABDAA58D27460C96003AD ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
18:06:45.0255 0x25ec Roxio UPnP Renderer 10 - ok
18:06:45.0290 0x25ec [ 3A3D707A35EA30A6CF88B9E555E3D815, 4763394E67F179D7048A460CB9B91E74F33D84C8DBDD4E28401ED473C7347410 ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
18:06:45.0332 0x25ec Roxio Upnp Server 10 - ok
18:06:45.0363 0x25ec [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:06:45.0423 0x25ec RpcEptMapper - ok
18:06:45.0446 0x25ec [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:06:45.0485 0x25ec RpcLocator - ok
18:06:45.0541 0x25ec [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
18:06:45.0609 0x25ec RpcSs - ok
18:06:45.0641 0x25ec [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:06:45.0707 0x25ec rspndr - ok
18:06:45.0758 0x25ec [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
18:06:45.0792 0x25ec SamSs - ok
18:06:45.0846 0x25ec [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:06:45.0897 0x25ec sbp2port - ok
18:06:45.0935 0x25ec [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:06:46.0002 0x25ec SCardSvr - ok
18:06:46.0031 0x25ec [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:06:46.0106 0x25ec scfilter - ok
18:06:46.0160 0x25ec [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
18:06:46.0277 0x25ec Schedule - ok
18:06:46.0335 0x25ec [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:06:46.0491 0x25ec SCPolicySvc - ok
18:06:46.0506 0x25ec [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
18:06:46.0549 0x25ec sdbus - ok
18:06:46.0608 0x25ec [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:06:46.0726 0x25ec SDRSVC - ok
18:06:46.0764 0x25ec [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:06:46.0839 0x25ec secdrv - ok
18:06:46.0892 0x25ec [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
18:06:46.0959 0x25ec seclogon - ok
18:06:47.0045 0x25ec [ 1ED7A8574A28357097A5CB4063C96B00, 4E248CA66B7DE930AEC501A85F507AB813FC3CEBCBA347DFF3B05CE6CB8E496B ] semav6thermal64ro C:\Windows\system32\drivers\semav6thermal64ro.sys
18:06:47.0073 0x25ec semav6thermal64ro - ok
18:06:47.0099 0x25ec [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:06:47.0163 0x25ec SENS - ok
18:06:47.0183 0x25ec [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:06:47.0261 0x25ec SensrSvc - ok
18:06:47.0281 0x25ec [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:06:47.0326 0x25ec Serenum - ok
18:06:47.0342 0x25ec [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
18:06:47.0383 0x25ec Serial - ok
18:06:47.0429 0x25ec [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:06:47.0454 0x25ec sermouse - ok
18:06:47.0521 0x25ec [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:06:47.0603 0x25ec SessionEnv - ok
18:06:47.0637 0x25ec [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP C:\Windows\system32\drivers\SFEP.sys
18:06:47.0674 0x25ec SFEP - ok
18:06:47.0718 0x25ec [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:06:47.0790 0x25ec sffdisk - ok
18:06:47.0813 0x25ec [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:06:47.0859 0x25ec sffp_mmc - ok
18:06:47.0881 0x25ec [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:06:47.0916 0x25ec sffp_sd - ok
18:06:47.0945 0x25ec [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:06:47.0983 0x25ec sfloppy - ok
18:06:48.0033 0x25ec [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:06:48.0105 0x25ec SharedAccess - ok
18:06:48.0175 0x25ec [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:06:48.0255 0x25ec ShellHWDetection - ok
18:06:48.0268 0x25ec [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:06:48.0290 0x25ec SiSRaid2 - ok
18:06:48.0311 0x25ec [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:06:48.0343 0x25ec SiSRaid4 - ok
18:06:48.0356 0x25ec [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:06:48.0455 0x25ec Smb - ok
18:06:48.0498 0x25ec [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:06:48.0544 0x25ec SNMPTRAP - ok
18:06:48.0613 0x25ec [ C3E69DB0A4E59564230E053232F39AC7, D7E4AC42C0731F69869E96F3AE9021ABD968E17C92283A54F265E73E6BD60ED5 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
18:06:48.0640 0x25ec SOHCImp - ok
18:06:48.0679 0x25ec [ C1CD71C672EA281A424FBCF24AC99553, 3C25D36EA36C5ACF7AD4BE47935DD055DCA010ACE4B1A7089493E5F282CDFA7B ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
18:06:48.0740 0x25ec SOHDms - ok
18:06:48.0758 0x25ec [ F47D75CEE1844EEF4A9EA6EE768828FB, 242550EB5879476DD2CFC0E38FAF3C6D0263FEA7504BD73ED3B004E274D7CDF6 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
18:06:48.0778 0x25ec SOHDs - ok
18:06:48.0826 0x25ec [ E2E40C0D24456B6EB440BE01AF829829, 862A15D877DA95F341F77428D88DDEA7EC272C75546466DABDF59370ADD1A689 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
18:06:48.0873 0x25ec SpfService - ok
18:06:48.0908 0x25ec [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:06:48.0930 0x25ec spldr - ok
18:06:49.0000 0x25ec [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:06:49.0085 0x25ec Spooler - ok
18:06:49.0457 0x25ec [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:06:49.0703 0x25ec sppsvc - ok
18:06:49.0748 0x25ec [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:06:49.0816 0x25ec sppuinotify - ok
18:06:49.0882 0x25ec [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:06:49.0949 0x25ec srv - ok
18:06:49.0981 0x25ec [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:06:50.0036 0x25ec srv2 - ok
18:06:50.0062 0x25ec [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:06:50.0098 0x25ec srvnet - ok
18:06:50.0122 0x25ec [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:06:50.0188 0x25ec SSDPSRV - ok
18:06:50.0214 0x25ec [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:06:50.0276 0x25ec SstpSvc - ok
18:06:50.0318 0x25ec [ 7FCE08C739136C9C64107A8814EF854C, 820E494A401D69E3DA7A8624B2093DCF98198E6D8CCCE345BDF76952EE4ADB07 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:06:50.0367 0x25ec Stereo Service - ok
18:06:50.0399 0x25ec [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:06:50.0428 0x25ec stexstor - ok
18:06:50.0481 0x25ec [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
18:06:50.0543 0x25ec StillCam - ok
18:06:50.0614 0x25ec [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
18:06:50.0702 0x25ec stisvc - ok
18:06:50.0747 0x25ec [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
18:06:50.0776 0x25ec swenum - ok
18:06:50.0811 0x25ec [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
18:06:50.0905 0x25ec swprv - ok
18:06:51.0107 0x25ec [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
18:06:51.0263 0x25ec SysMain - ok
18:06:51.0326 0x25ec [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:06:51.0407 0x25ec TabletInputService - ok
18:06:51.0481 0x25ec [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
18:06:51.0576 0x25ec TapiSrv - ok
18:06:51.0607 0x25ec [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
18:06:51.0669 0x25ec TBS - ok
18:06:51.0783 0x25ec [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:06:51.0877 0x25ec Tcpip - ok
18:06:51.0957 0x25ec [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:06:52.0022 0x25ec TCPIP6 - ok
18:06:52.0093 0x25ec [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:06:52.0164 0x25ec tcpipreg - ok
18:06:52.0220 0x25ec [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:06:52.0319 0x25ec TDPIPE - ok
18:06:52.0382 0x25ec [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:06:52.0436 0x25ec TDTCP - ok
18:06:52.0515 0x25ec [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:06:52.0617 0x25ec tdx - ok
18:06:52.0785 0x25ec [ 8A9828975A857E477EFEF5A61BA45AC0, 90020839E900EC80D7439F3F925E39BDFD389C77C1B99B70D890552DA6E985BE ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
18:06:52.0892 0x25ec TeamViewer6 - ok
18:06:52.0943 0x25ec [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
18:06:52.0973 0x25ec TermDD - ok
18:06:53.0052 0x25ec [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll
18:06:53.0127 0x25ec TermService - ok
18:06:53.0159 0x25ec [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
18:06:53.0209 0x25ec Themes - ok
18:06:53.0245 0x25ec [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
18:06:53.0296 0x25ec THREADORDER - ok
18:06:53.0315 0x25ec [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
18:06:53.0384 0x25ec TrkWks - ok
18:06:53.0465 0x25ec [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:06:53.0580 0x25ec TrustedInstaller - ok
18:06:53.0634 0x25ec [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:06:53.0668 0x25ec tssecsrv - ok
18:06:53.0716 0x25ec [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:06:53.0795 0x25ec TsUsbFlt - ok
18:06:53.0845 0x25ec [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:06:53.0915 0x25ec tunnel - ok
18:06:53.0944 0x25ec [ 1A006963644C7FDE5BE60036F3A43E68, BD596CD2D1AAE3A145DC9FD73FD53CD25242AF4CFCD2783D8FCB3B12EBCC7153 ] TVICHW32 C:\Windows\system32\DRIVERS\TVICHW32.SYS
18:06:53.0974 0x25ec TVICHW32 - ok
18:06:54.0008 0x25ec [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:06:54.0036 0x25ec uagp35 - ok
18:06:54.0082 0x25ec [ 63F6D08C54D5B3C1B12A6172032055C7, 87D872731D2C85E1A0ED3128CB7AB91AF00D830B0E4307054ABFD1D3900C990D ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
18:06:54.0110 0x25ec uCamMonitor - ok
18:06:54.0140 0x25ec [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:06:54.0235 0x25ec udfs - ok
18:06:54.0279 0x25ec [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:06:54.0305 0x25ec UI0Detect - ok
18:06:54.0355 0x25ec [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:06:54.0378 0x25ec uliagpkx - ok
18:06:54.0432 0x25ec [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:06:54.0489 0x25ec umbus - ok
18:06:54.0515 0x25ec [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
18:06:54.0560 0x25ec UmPass - ok
18:06:54.0596 0x25ec [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
18:06:54.0689 0x25ec upnphost - ok
18:06:54.0745 0x25ec [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:06:54.0770 0x25ec USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
18:06:57.0213 0x25ec Detect skipped due to KSN trusted
18:06:57.0213 0x25ec USBAAPL64 - ok
18:06:57.0270 0x25ec [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:06:57.0379 0x25ec usbccgp - ok
18:06:57.0438 0x25ec [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:06:57.0487 0x25ec usbcir - ok
18:06:57.0536 0x25ec [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:06:57.0564 0x25ec usbehci - ok
18:06:57.0624 0x25ec [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:06:57.0686 0x25ec usbhub - ok
18:06:57.0734 0x25ec [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:06:57.0768 0x25ec usbohci - ok
18:06:57.0801 0x25ec [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:06:57.0836 0x25ec usbprint - ok
18:06:57.0888 0x25ec [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:06:57.0966 0x25ec USBSTOR - ok
18:06:58.0020 0x25ec [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:06:58.0065 0x25ec usbuhci - ok
18:06:58.0113 0x25ec [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:06:58.0204 0x25ec usbvideo - ok
18:06:58.0382 0x25ec [ 34349E7B488FA61B639117F6BF1EBF99, A7A7E60511F7D6370473D41867F5323695308CC27D3EEB0286687D3A9E0084E9 ] USER_ESRV_SVC C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
18:06:58.0439 0x25ec USER_ESRV_SVC - ok
18:06:58.0467 0x25ec [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
18:06:58.0537 0x25ec UxSms - ok
18:06:58.0582 0x25ec [ 4E7135D6D0127067E4CFEE12259F895D, 2542257E3912591AC4902FF08E43C46CC91BA97D67EED9375CC5DB5DEE71797F ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
18:06:58.0614 0x25ec VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic ( 1 )
18:07:01.0081 0x25ec Detect skipped due to KSN trusted
18:07:01.0081 0x25ec VAIO Entertainment TV Device Arbitration Service - ok
18:07:01.0246 0x25ec [ 218F78B39832A2A0761CE2422828A57C, 008056848A7C2F5205A5B4B3719A68C75348058F1022A4259E3FC155D9FFD49A ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
18:07:01.0296 0x25ec VAIO Event Service - ok
18:07:01.0387 0x25ec [ 1CF1A4DD7A58C966C9014B83C7229CF3, 950799BF8DA7B6125FB6D373F1EB64C9E0E2B80C7C849F1776C4B4B9820988C0 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
18:07:01.0444 0x25ec VAIO Power Management - ok
18:07:01.0468 0x25ec [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
18:07:01.0503 0x25ec VaultSvc - ok
18:07:01.0561 0x25ec [ 917FB366B6CF2834CDBF9256D18A8FF0, 87CAF895B73FE2E3A7CCA0302DAC5056233228079A7A8EE20CFE246BBB14B89D ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
18:07:01.0621 0x25ec VCFw - ok
18:07:01.0680 0x25ec [ 10E212BFB7EAB152A64C1AAEC2F7F4E0, 2ECAF721B94C2C89FF32547547368DDC747D2F3CE335F0DC95B4E296F263BD82 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
18:07:01.0724 0x25ec VcmIAlzMgr - ok
18:07:01.0756 0x25ec [ 7A88CFD3FE99F2C9B95A6E2A08B96E14, E9CDC538293603A2AE206867E939BEEE6DD8ED5687B83BA7173D25D2A0192B74 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
18:07:01.0804 0x25ec VcmINSMgr - ok
18:07:01.0841 0x25ec [ 8EFAACCC7BFA1E9031EFDFB01A1B0D69, 43415C27E10F39A4AA32102EE700D08EC0700AD854FBF31FDF8B93F4C3CE1D72 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
18:07:01.0885 0x25ec VcmXmlIfHelper - ok
18:07:01.0932 0x25ec [ 7CBA5728C50FCDFBB87FF9C2DCE881B0, CE12024F548B9380F90C559CB3448FD0CD4393061E9B0EDDAE8F13FBB100762D ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
18:07:01.0986 0x25ec VCService - ok
18:07:02.0003 0x25ec [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:07:02.0033 0x25ec vdrvroot - ok
18:07:02.0103 0x25ec [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
18:07:02.0218 0x25ec vds - ok
18:07:02.0245 0x25ec [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:07:02.0280 0x25ec vga - ok
18:07:02.0298 0x25ec [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:07:02.0360 0x25ec VgaSave - ok
18:07:02.0420 0x25ec [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:07:02.0480 0x25ec vhdmp - ok
18:07:02.0528 0x25ec [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
18:07:02.0570 0x25ec viaide - ok
18:07:02.0590 0x25ec [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:07:02.0614 0x25ec volmgr - ok
18:07:02.0675 0x25ec [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:07:02.0725 0x25ec volmgrx - ok
18:07:02.0755 0x25ec [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:07:02.0792 0x25ec volsnap - ok
18:07:02.0817 0x25ec [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:07:02.0852 0x25ec vsmraid - ok
18:07:02.0912 0x25ec [ 047F22BDFDAE6DF6F1E47E747A1237A2, D6B6996B0E3BB95A71FB425BD47294A175D29F258BAA7CDD167ABB477B56D5DB ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
18:07:02.0972 0x25ec VSNService - detected UnsignedFile.Multi.Generic ( 1 )
18:07:05.0419 0x25ec Detect skipped due to KSN trusted
18:07:05.0419 0x25ec VSNService - ok
18:07:05.0571 0x25ec [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
18:07:05.0720 0x25ec VSS - ok
18:07:05.0873 0x25ec [ C1FAE2E81955DCCD79034A23EC4F3F37, 61B6477C6068B5542D3EE9C6336FBD7589F1CFFD3E850473A539619033533286 ] VUAgent C:\Program Files\Sony\VAIO Update\vuagent.exe
18:07:05.0957 0x25ec VUAgent - ok
18:07:05.0976 0x25ec [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:07:06.0014 0x25ec vwifibus - ok
18:07:06.0040 0x25ec [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:07:06.0069 0x25ec vwififlt - ok
18:07:06.0112 0x25ec [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
18:07:06.0190 0x25ec W32Time - ok
18:07:06.0224 0x25ec [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:07:06.0248 0x25ec WacomPen - ok
18:07:06.0298 0x25ec [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:07:06.0365 0x25ec WANARP - ok
18:07:06.0379 0x25ec [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:07:06.0435 0x25ec Wanarpv6 - ok
18:07:06.0534 0x25ec [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:07:06.0619 0x25ec WatAdminSvc - ok
18:07:06.0732 0x25ec [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
18:07:06.0866 0x25ec wbengine - ok
18:07:06.0896 0x25ec [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:07:06.0958 0x25ec WbioSrvc - ok
18:07:07.0014 0x25ec [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:07:07.0090 0x25ec wcncsvc - ok
18:07:07.0116 0x25ec [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:07:07.0167 0x25ec WcsPlugInService - ok
18:07:07.0201 0x25ec [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
18:07:07.0233 0x25ec Wd - ok
18:07:07.0304 0x25ec [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:07:07.0369 0x25ec Wdf01000 - ok
18:07:07.0393 0x25ec [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:07:07.0507 0x25ec WdiServiceHost - ok
18:07:07.0524 0x25ec [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:07:07.0559 0x25ec WdiSystemHost - ok
18:07:07.0614 0x25ec [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
18:07:07.0660 0x25ec WebClient - ok
18:07:07.0690 0x25ec [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:07:07.0762 0x25ec Wecsvc - ok
18:07:07.0786 0x25ec [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:07:07.0839 0x25ec wercplsupport - ok
18:07:07.0859 0x25ec [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
18:07:07.0929 0x25ec WerSvc - ok
18:07:07.0951 0x25ec [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:07:08.0010 0x25ec WfpLwf - ok
18:07:08.0033 0x25ec [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:07:08.0061 0x25ec WIMMount - ok
18:07:08.0093 0x25ec WinDefend - ok
18:07:08.0119 0x25ec WinHttpAutoProxySvc - ok
18:07:08.0188 0x25ec [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:07:08.0266 0x25ec Winmgmt - ok
18:07:08.0375 0x25ec [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
18:07:08.0533 0x25ec WinRM - ok
18:07:08.0608 0x25ec [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:07:08.0656 0x25ec WinUsb - ok
18:07:08.0704 0x25ec [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:07:08.0793 0x25ec Wlansvc - ok
18:07:08.0846 0x25ec [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
18:07:08.0866 0x25ec WmBEnum - ok
18:07:08.0920 0x25ec [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
18:07:08.0965 0x25ec WmFilter - ok
18:07:08.0992 0x25ec [ AC4331AF118A720F13C9C5CABBFE27BD, 2C5F453996B00078F3E8E731F6B3DD4529831BDA2146EAFC66727C9460E85112 ] WmHidLo C:\Windows\system32\drivers\WmHidLo.sys
18:07:09.0019 0x25ec WmHidLo - ok
18:07:09.0041 0x25ec [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:07:09.0074 0x25ec WmiAcpi - ok
18:07:09.0122 0x25ec [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:07:09.0164 0x25ec wmiApSrv - ok
18:07:09.0200 0x25ec WMPNetworkSvc - ok
18:07:09.0221 0x25ec [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
18:07:09.0277 0x25ec WmVirHid - ok
18:07:09.0312 0x25ec [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
18:07:09.0335 0x25ec WmXlCore - ok
18:07:09.0365 0x25ec [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:07:09.0434 0x25ec WPCSvc - ok
18:07:09.0496 0x25ec [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:07:09.0561 0x25ec WPDBusEnum - ok
18:07:09.0585 0x25ec [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:07:09.0647 0x25ec ws2ifsl - ok
18:07:09.0674 0x25ec [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
18:07:09.0720 0x25ec wscsvc - ok
18:07:09.0780 0x25ec [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
18:07:09.0823 0x25ec WSDPrintDevice - ok
18:07:09.0836 0x25ec WSearch - ok
18:07:09.0987 0x25ec [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
18:07:10.0198 0x25ec wuauserv - ok
18:07:10.0238 0x25ec [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:07:10.0322 0x25ec WudfPf - ok
18:07:10.0378 0x25ec [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:07:10.0437 0x25ec WUDFRd - ok
18:07:10.0492 0x25ec [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:07:10.0556 0x25ec wudfsvc - ok
18:07:10.0618 0x25ec [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:07:10.0699 0x25ec WwanSvc - ok
18:07:10.0763 0x25ec [ 6AFFD75C6807B3DD3AB018E27B88EF95, 42D9980F87CE5688227E42E9809D4F239C9377737AC5A6FB2CC88C12F79781DC ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
18:07:10.0869 0x25ec yukonw7 - ok
18:07:10.0909 0x25ec ================ Scan global ===============================
18:07:10.0986 0x25ec [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:07:11.0038 0x25ec [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:07:11.0065 0x25ec [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:07:11.0090 0x25ec [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:07:11.0125 0x25ec [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:07:11.0150 0x25ec [ Global ] - ok
18:07:11.0151 0x25ec ================ Scan MBR ==================================
18:07:11.0163 0x25ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:07:11.0537 0x25ec \Device\Harddisk0\DR0 - ok
18:07:11.0543 0x25ec [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
18:07:11.0609 0x25ec \Device\Harddisk1\DR1 - ok
18:07:11.0610 0x25ec ================ Scan VBR ==================================
18:07:11.0615 0x25ec [ 15C93769430BE009ED9E7A7611FF0000 ] \Device\Harddisk0\DR0\Partition1
18:07:11.0618 0x25ec \Device\Harddisk0\DR0\Partition1 - ok
18:07:11.0650 0x25ec [ 8426C4EFA9DB8FE05C475AAF4144265D ] \Device\Harddisk0\DR0\Partition2
18:07:11.0653 0x25ec \Device\Harddisk0\DR0\Partition2 - ok
18:07:11.0658 0x25ec [ C5E38AF789AA7D3196A1D545AFCEB7D2 ] \Device\Harddisk1\DR1\Partition1
18:07:11.0660 0x25ec \Device\Harddisk1\DR1\Partition1 - ok
18:07:11.0661 0x25ec ================ Scan generic autorun ======================
18:07:11.0661 0x25ec Apoint - ok
18:07:11.0752 0x25ec [ 0104F4CA73154C23FFB449501F6D2D53, 0610AC01C06CC15D67F11C0EE00097A4D0A56B9EED16489FD3306EC2E1E6F301 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
18:07:11.0809 0x25ec Start WingMan Profiler - ok
18:07:11.0844 0x25ec [ EF4BF6AB09A06867104DAC48DF35E779, 8B459DB06DF1CAC2B35B041D3DD5C0C15B6A942CC38CE31FD2D0883EC2C0AA22 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
18:07:11.0881 0x25ec IAStorIcon - ok
18:07:11.0917 0x25ec [ 90D7972A9F2463E5AFBF6637A3EF61D0, B231471D563540DC8BFD0AF6D4E73E32969556511B9AC3ACDC733FA5AA0A9ED0 ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
18:07:11.0960 0x25ec ISBMgr.exe - ok
18:07:11.0998 0x25ec [ 323402CA932682F8E698BE9695BCAE15, 567FA8CB2536322B4A1A36AA4017860650EFBA583340C2AB20EED436583F8754 ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
18:07:12.0042 0x25ec NortonOnlineBackupReminder - ok
18:07:12.0105 0x25ec [ 88C7319B0D171537A59520FE4DD8C357, EDE64778648E8DA5AA59B69F28C24F2B529D41859C38EE2FB6F5C4C857894E89 ] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
18:07:12.0222 0x25ec PMBVolumeWatcher - ok
18:07:12.0304 0x25ec [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
18:07:12.0344 0x25ec ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
18:07:14.0809 0x25ec Detect skipped due to KSN trusted
18:07:14.0809 0x25ec ControlCenter3 - ok
18:07:14.0913 0x25ec [ 640609646D2E6F805E89238F0ADD3A1A, 6E919DD8C93B4F1B7AA00404DDF11FDAA7C050C49028480C8E28F2DF99E99FED ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
18:07:15.0046 0x25ec BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
18:07:17.0491 0x25ec Detect skipped due to KSN trusted
18:07:17.0491 0x25ec BrStsMon00 - ok
18:07:17.0549 0x25ec [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:07:17.0581 0x25ec APSDaemon - ok
18:07:17.0654 0x25ec [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
18:07:17.0721 0x25ec mcui_exe - ok
18:07:17.0750 0x25ec [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
18:07:17.0781 0x25ec mcpltui_exe - ok
18:07:17.0868 0x25ec [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:07:17.0942 0x25ec Adobe ARM - ok
18:07:18.0034 0x25ec [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
18:07:18.0088 0x25ec QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
18:07:20.0579 0x25ec Detect skipped due to KSN trusted
18:07:20.0580 0x25ec QuickTime Task - ok
18:07:20.0659 0x25ec [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:07:20.0694 0x25ec SunJavaUpdateSched - ok
18:07:20.0764 0x25ec [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:07:20.0808 0x25ec iTunesHelper - ok
18:07:20.0921 0x25ec [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
18:07:21.0056 0x25ec Sidebar - ok
18:07:21.0091 0x25ec [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
18:07:21.0112 0x25ec swg - ok
18:07:21.0225 0x25ec [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:07:21.0321 0x25ec Sidebar - ok
18:07:21.0351 0x25ec [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:07:21.0393 0x25ec mctadmin - ok
18:07:21.0396 0x25ec Waiting for KSN requests completion. In queue: 10
18:07:22.0396 0x25ec Waiting for KSN requests completion. In queue: 10
18:07:23.0396 0x25ec Waiting for KSN requests completion. In queue: 6
18:07:24.0611 0x25ec AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )
18:07:24.0615 0x25ec FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )
18:07:27.0083 0x25ec ============================================================
18:07:27.0083 0x25ec Scan finished
18:07:27.0083 0x25ec ============================================================
18:07:27.0102 0x2740 Detected object count: 0
18:07:27.0102 0x2740 Actual detected object count: 0
18:07:42.0523 0x1930 Deinitialize success
|
|
22.10.2014, 12:16
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.10.2014, 12:33
| #5 |
| | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt Hi schrauber, danke für die Hinweise. Werde alles heute Abend durchführen. Kurze Verständnisfragen zu deiner Anweisung "Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden." Ich vermute Du meinst mein McAfee Internetsecurity. Wann genau ist es erforderlich, das zu beenden? Erst vor dem Start von Junkware Removal Tool oder schon vor dem Start von MBAM bzw. AdwCleaner? Brauchen die Tools beim Scannen ne Internetverbindung oder kann ich die trennen? Bin ungern mit deaktivierter Firewall / AV-Schutz online. Gruß Chris |
|
22.10.2014, 19:17
| #6 |
| /// the machine /// TB-Ausbilder | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt Firewall kann an bleiben. Du surfst ja nit in der Zeit, also passiert da nix. Vor benutzen unserer Tools AV aus, und online bleiben.
__________________ --> Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt |
|
22.10.2014, 20:45
| #7 |
| | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt Hi schrauber, alle Scans sind durchgeführt. Hier die Logfiles: MBAM: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 22.10.2014 Suchlauf-Zeit: 20:44:44 Logdatei: mbam.txt Administrator: Ja Version: 2.00.3.1025 Malware Datenbank: v2014.10.22.08 Rootkit Datenbank: v2014.10.21.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Chris Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 407720 Verstrichene Zeit: 14 Min, 16 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 1 PUP.Optional.Softonic.A, HKU\S-1-5-21-3461466893-888975716-1916642457-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\softonicToolbar, In Quarantäne, [7848e235285454e248e9b791fc07f010], Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 8 PUP.Optional.OpenCandy, C:\Users\Chris\AppData\Roaming\OpenCandy, In Quarantäne, [97292ee97efe65d18c4303ec679b57a9], PUP.Optional.OpenCandy, C:\Users\Chris\AppData\Roaming\OpenCandy\D5E769DD8C24442D96EC40DF12959BC8, In Quarantäne, [97292ee97efe65d18c4303ec679b57a9], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\components, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SystemSpeedup, C:\Users\Chris\AppData\Roaming\systweak\ssd, In Quarantäne, [c6fa72a5ed8fbb7b8ae0cd3b35ce847c], Dateien: 94 PUP.Optional.OpenCandy.A, C:\Users\Chris\AppData\Roaming\OpenCandy\D5E769DD8C24442D96EC40DF12959BC8\Setupsft_chr_p1v7.exe, In Quarantäne, [b0103ed9ccb05dd9a46153a806fe53ad], PUP.Optional.Solimba, C:\Users\Chris\Downloads\Ccleaner.exe, In Quarantäne, [10b061b60f6dc07641b51f18e61aea16], PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\softonic.xml, In Quarantäne, [5c6473a47ffd6acc260764e4758e857b], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\chrome.manifest, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\install.rdf, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\components\FFDisp.dll, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\dpk.htm, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\hlprs.js, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\loader.xul, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\mtstart.js, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\serp.js, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\softonic.css, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\softonic.xul, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\tmplt.js, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\arwDwn.gif, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\closeo.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\help_16.gif, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\home.gif, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\icon_seperator.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\logo.PNG, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\privecy_16_hot.gif, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\sign.jpg, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\specialoffer.gif, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\tellafriend.gif, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\uninstall.gif, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\ae.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\bg.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\ch.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\cn.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\cz.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\de.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\eg.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\en.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\es.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\fr.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\gr.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\he.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\il.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\it.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\ja.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\jp.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\nl.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\no.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\pl.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\pt.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\ro.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\ru.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\sa.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\se.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\sv.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\tr.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\ua.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SoftTonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com\content\imgs\flgs\us.png, In Quarantäne, [7b451304384462d445e62acd6b97be42], PUP.Optional.SystemSpeedup, C:\Users\Chris\AppData\Roaming\systweak\ssd\SSDPTstub.exe, In Quarantäne, [c6fa72a5ed8fbb7b8ae0cd3b35ce847c], PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.admin", false);), Ersetzt,[ad13e4336f0d85b19f51b9a4d72e5aa6] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (ferences /* Do not edit this file. * ), Ersetzt,[b10f76a1d2aaf640529e60fddf26aa56] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (references /* Do not edit this file. * * If you make changes to this file ), Ersetzt,[dde3bc5bafcde74f955b0b5255b0e51b] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (e. * * If you make changes to this file while t), Ersetzt,[2f9137e0d1ab44f20de3a8b59c6929d7] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If y), Ersetzt,[f0d00d0a2557d85ec52b75e850b517e9] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (eferences /* Do not edit this file. * * ), Ersetzt,[dee2eb2caece73c3856bdb8206ff06fa] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (erences /* Do not edit this file. * * If ), Ersetzt,[823ecc4b27558caae40c0a5334d1b947] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (rences /* Do not edit this file. * * If), Ersetzt,[635dcb4cd6a67eb8cc240c5161a4cc34] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (ferences /* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("accessibility.blockautorefresh", true); user_pref("accessibility.typeaheadfind", true); user_pref("accessibility.typeaheadfind.flashBar", 0); user_pref("app.update.auto", false); user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1404332924); user_pref("app.update.lastUpdateTime.background-update-timer", 1404331993); user), Ersetzt,[823e30e70676b086bf3125389f6613ed] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (e.background-update-timer", 1404331993); user_pref("app.upd), Ersetzt,[952b1afdcbb139fd11dfcc914abbbc44] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: ( Do not edit this file. * * If you make chan), Ersetzt,[99274fc8057771c590603a2390757c84] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (rences /* Do not edit this file. * * If you m), Ersetzt,[aa16cb4c5a22d06632be15484abbe818] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (es /* Do not edit this file. * * If you make changes to this file whi), Ersetzt,[18a8f522d7a5c6705b951746e520d62a] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (s file. * * If you make changes to this ), Ersetzt,[5a66ba5d8eee4de9b9372f2e52b334cc] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (references /* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be ove), Ersetzt,[378920f7cbb147efc62a34299d6851af] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (tion is running, * the changes will be overwritten when the application exits. * * To mak), Ersetzt,[2c94b0672a52d264d41c223b9d68728e] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (you make changes to this file while the application is running, * the ), Ersetzt,[8f3156c1ef8dac8a925e184559ace51b] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: ( this file. * * If you make changes to this fil), Ersetzt,[5c6448cff28ae15558989cc14cb930d0] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you make c), Ersetzt,[e9d7b067423a9e98d51bff5e7e87da26] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: ( /* Do not edit this file. * * If you make changes to this file while the application), Ersetzt,[ebd536e1097300368769d68747beaa56] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (If you make changes to this file while the application is running), Ersetzt,[665a54c385f739fd14dc8fce3ec70df3] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (ot edit this file. * * If you make changes), Ersetzt,[813f12052d4f3cfaf1ff550854b102fe] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (ferences /* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be overwrit), Ersetzt,[3f8123f407753df92dc3d984a065af51] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (n is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("accessibi), Ersetzt,[fac6cb4cbbc14fe7d020c59858adb24e] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (itten when the application exits. * * To make a), Ersetzt,[f9c74acd57254ee8bd334c118580b749] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you make ), Ersetzt,[c6faa86f4e2e58debe327fde5baafd03] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (s /* Do not edit this file. * * If you m), Ersetzt,[a719be598bf1e74fac4463faae575ea2] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (erences /* Do not edit this file. * *), Ersetzt,[1da340d7cab2300639b78fcee3229c64] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (references /* Do not edit this file. * * I), Ersetzt,[239df5224e2e3ef8658b0e4fa75eef11] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (ences /* Do not edit this file. * * If you make changes to this f), Ersetzt,[338d8d8a1666d660c42cc19ca461c63a] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: ( this file. * * If you make changes to this file while the application is running, * the changes will be overwritten when), Ersetzt,[3f816fa8ea9263d3ea061449b055d62a] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (ile the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to prefere), Ersetzt,[16aa4acdbfbd290d98584d103dc8c23e] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (lication is running, * the changes will be overwritten ), Ersetzt,[f8c8a86f74086bcb17d95ffe45c0e917] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: ( /* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be overwritten when the a), Ersetzt,[dae6fd1abebeac8a00f0c598e71e40c0] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (s running, * the changes will be overwritten when), Ersetzt,[4878928583f971c55997baa345c01ee2] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you make changes ), Ersetzt,[358b64b3e09cb87e42ae6cf151b4f907] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (Do not edit this file. * * If you make changes t), Ersetzt,[bf0175a20577c175be32075625e0f20e] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=121978d7000000000000002314b77990");), Ersetzt,[1ca464b31b6164d2e61481dcc14436ca] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (er_pref("app.update.lastUpdateTime.background-update-timer", 1404331993); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer), Ersetzt,[d9e7cb4c7b01c37359a1adb0aa5b08f8] PUP.Optional.Softonic.A, C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\prefs.js, Gut: (), Schlecht: (dateTime.places-maintenance-timer", 1343692771); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1404331873); user_pref("app.upd), Ersetzt,[e6dada3d1b6140f6a1594d107491916f] Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.001 - Bericht erstellt am 22/10/2014 um 21:18:20
# DB v2014-10-21.1
# Aktualisiert 20/10/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Chris - CHRIS-VAIO
# Gestartet von : C:\Users\Chris\Desktop\AdwCleaner_4.001.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Chris\AppData\LocalLow\FlagFox
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\Chris\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Chris\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Chris\AppData\Roaming\Systweak
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\user.js
Datei Gelöscht : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v
-\\ Google Chrome v37.0.2062.124
*************************
AdwCleaner[R0].txt - [8198 octets] - [22/10/2014 21:14:41]
AdwCleaner[S0].txt - [7864 octets] - [22/10/2014 21:18:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7924 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Home Premium x64
Ran by Chris on 22.10.2014 at 21:26:19,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F1CDE91D-3B6C-44B4-BAF8-9719505573B7}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\CodedColor Common
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.10.2014 at 21:31:36,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014 Ran by Chris (administrator) on CHRIS-VAIO on 22-10-2014 21:38:30 Running from C:\Users\Chris\Desktop Loaded Profiles: Chris & UpdatusUser (Available profiles: Chris & UpdatusUser) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe () C:\Program Files\Sony\VAIO Care\listener.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-03-17] (Alps Electric Co., Ltd.) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-21] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [316784 2010-01-15] (Sony Corporation) HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [538472 2009-06-17] (Symantec Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2010-01-21] (Sony Corporation) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-3461466893-888975716-1916642457-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-17] (Google Inc.) HKU\S-1-5-21-3461466893-888975716-1916642457-1001\...\MountPoints2: {faa2d1b3-e211-11e2-803a-f07bcbdfce16} - D:\Setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.) ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.) ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.) BootExecute: autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVED&bmod=EU01 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - {0166E18D-59B5-46E5-BC35-98170E9AFF8B} URL = hxxp://de.shopping.com/?linkin_id=8056363 SearchScopes: HKCU - {0173D216-15FE-4C55-8059-3FD5417D5B7C} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKCU - {25AC93C8-8AFB-41C2-AE29-951815BFEAA9} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {37838F35-F33B-43FF-966B-6C2F81F29222} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {40FCEB9A-88A3-429D-8D6F-9561273B211F} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}&rlz=1I7SVED_deDE398 SearchScopes: HKCU - {BC2A6D13-9B47-4F6E-A7F1-216142CAD8B2} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {E7DD11D1-255F-4AE5-9338-4EAABADBCC7C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} SearchScopes: HKCU - {FD42AB9D-6DC3-4D09-B759-0BC1BCAED841} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE649&p={SearchTerms} BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Flagfox -> {A02B5E09-122E-4A2D-B996-D997485B8C9E} -> C:\Users\Chris\AppData\LocalLow\Flagfox\IE\Flagfox.dll No File BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Chris\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\Extensions\2020Player_IKEA@2020Technologies.com [2012-04-15] FF Extension: Flagfox - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\Extensions\info@flagfox.net [2012-03-15] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-11-13] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-13] FF Extension: No Name - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com [Not Found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR HomePage: Default -> hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=121978d7000000000000002314b77990 CHR StartupUrls: Default -> "https://www.facebook.com/?ref=logo" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05] CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18] CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18] CHR Extension: (SiteAdvisor) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2011-02-08] CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30] CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm [2012-03-14] CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-16] CHR HKLM-x32\...\Chrome\Extension: [ildldcbkkbkhnjghnbidklpepakbepnd] - C:\Users\Chris\AppData\LocalLow\Flagfox\CHROME\Flagfox.crx [2014-10-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed] R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.) R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-11-25] (Sonic Solutions) S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-11-25] (Sonic Solutions) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation) S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2010-04-08] (Sony Corporation) [File not signed] S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [852336 2010-03-18] (Sony Corporation) R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed] R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation) S2 FlagfoxUpdater; "C:\Users\Chris\AppData\LocalLow\Flagfox\IE\FlagfoxUpdater.exe" -service [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation) S3 AF9035BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [514144 2009-10-02] (ITETech ) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-22] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.) R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.) R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-18] () S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2010-09-21] (EnTech Taiwan) S3 TVICHW32; C:\Windows\SysWOW64\DRIVERS\TVICHW32.SYS [29536 2010-09-21] (EnTech Taiwan) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-22 21:38 - 2014-10-22 21:38 - 00000000 ____D () C:\Users\Chris\Desktop\FRST-OlderVersion 2014-10-22 21:31 - 2014-10-22 21:31 - 00001429 _____ () C:\Users\Chris\Desktop\JRT.txt 2014-10-22 21:26 - 2014-10-22 21:26 - 00000000 ____D () C:\Windows\ERUNT 2014-10-22 21:24 - 2014-10-22 21:24 - 01706144 _____ (Thisisu) C:\Users\Chris\Downloads\JRT.exe 2014-10-22 21:24 - 2014-10-22 21:24 - 01706144 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe 2014-10-22 21:24 - 2014-10-22 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-10-22 21:21 - 2014-10-22 21:21 - 00008092 _____ () C:\Users\Chris\Desktop\AdwCleaner.txt 2014-10-22 21:14 - 2014-10-22 21:18 - 00000000 ____D () C:\AdwCleaner 2014-10-22 21:13 - 2014-10-22 21:12 - 01962496 _____ () C:\Users\Chris\Desktop\AdwCleaner_4.001.exe 2014-10-22 21:12 - 2014-10-22 21:12 - 01962496 _____ () C:\Users\Chris\Downloads\AdwCleaner_4.001.exe 2014-10-22 21:10 - 2014-10-22 21:10 - 00024408 _____ () C:\Users\Chris\Desktop\mbam.txt 2014-10-22 20:43 - 2014-10-22 21:22 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-22 20:42 - 2014-10-22 20:42 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-22 20:42 - 2014-10-22 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-22 20:42 - 2014-10-22 20:42 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-22 20:42 - 2014-10-22 20:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-22 20:42 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-22 20:42 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-22 20:42 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-22 20:39 - 2014-10-22 20:39 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Chris\Downloads\mbam-setup-2.0.3.1025.exe 2014-10-21 17:59 - 2014-10-21 17:57 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Desktop\tdsskiller.exe 2014-10-21 17:57 - 2014-10-21 17:57 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Downloads\tdsskiller.exe 2014-10-21 16:40 - 2014-10-21 16:41 - 00050327 _____ () C:\Users\Chris\Desktop\Addition.txt 2014-10-21 16:38 - 2014-10-22 21:38 - 00028069 _____ () C:\Users\Chris\Desktop\FRST.txt 2014-10-21 16:38 - 2014-10-22 21:38 - 00000000 ____D () C:\FRST 2014-10-21 16:37 - 2014-10-22 21:38 - 02112000 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe 2014-10-21 16:35 - 2014-10-21 16:35 - 00000472 _____ () C:\Users\Chris\Desktop\defogger_disable.log 2014-10-21 16:35 - 2014-10-21 16:35 - 00000000 _____ () C:\Users\Chris\defogger_reenable 2014-10-21 16:34 - 2014-10-21 16:34 - 00050477 _____ () C:\Users\Chris\Downloads\Defogger.exe 2014-10-21 16:34 - 2014-10-21 16:34 - 00050477 _____ () C:\Users\Chris\Desktop\Defogger.exe 2014-10-21 14:53 - 2014-10-21 18:02 - 00024731 _____ () C:\Users\Chris\Documents\Lasagne Rezept.odt 2014-10-16 19:37 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-16 19:37 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-10-16 19:37 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-10-16 19:37 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-10-16 19:37 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-10-16 19:37 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-10-16 19:37 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-10-16 19:37 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-10-16 19:37 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-10-16 19:37 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-10-16 19:37 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-16 19:37 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-16 19:37 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-16 19:37 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-16 19:37 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-16 19:37 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-16 19:36 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-16 19:36 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-16 19:36 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-16 19:36 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-16 19:36 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-16 19:36 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-16 19:36 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-16 19:36 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-16 19:36 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-16 19:36 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-16 19:36 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-16 19:36 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-16 19:36 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-16 19:36 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-16 19:36 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-16 19:36 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-16 19:36 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-16 19:36 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-16 19:36 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-16 19:36 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-16 19:36 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-16 19:36 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-16 19:36 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-16 19:36 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-16 19:36 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-16 19:36 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-16 19:36 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-16 19:36 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-16 19:36 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-16 19:36 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-16 19:36 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-16 19:36 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-16 19:36 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-16 19:36 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-16 19:36 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-16 19:36 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-16 19:36 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-16 19:36 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-16 19:36 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-16 19:36 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-16 19:36 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-16 19:36 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-16 19:36 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-16 19:36 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-16 19:36 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-16 19:36 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-16 19:36 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-16 19:36 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-16 19:36 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-16 19:36 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-16 19:36 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-16 19:36 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-16 19:36 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-16 19:36 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-16 19:36 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-16 19:36 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-16 19:36 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-16 19:36 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-16 19:36 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-16 19:33 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-16 19:33 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-16 19:32 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-16 19:32 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-16 19:32 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-16 19:32 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-16 19:32 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-16 19:32 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-16 19:32 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-16 19:32 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-16 19:32 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-16 19:32 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-16 19:32 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-16 19:32 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-16 19:32 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-16 19:32 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-16 19:32 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-16 19:32 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-16 19:32 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-15 11:03 - 2014-10-15 11:03 - 00000418 _____ () C:\Users\Chris\Downloads\GDA-ORGAcheck 15-10-2014 (1).gda 2014-10-15 11:02 - 2014-10-15 11:02 - 00000418 _____ () C:\Users\Chris\Downloads\GDA-ORGAcheck 15-10-2014.gda 2014-10-01 14:48 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-01 14:48 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-30 08:10 - 2014-09-30 08:10 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk 2014-09-29 08:02 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-29 08:02 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-22 21:44 - 2014-09-22 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-09-22 21:43 - 2014-09-22 21:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-22 21:43 - 2014-09-22 21:44 - 00000000 ____D () C:\Program Files\iTunes 2014-09-22 21:43 - 2014-09-22 21:44 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-09-22 21:43 - 2014-09-22 21:43 - 00000000 ____D () C:\Program Files\iPod 2014-09-22 09:51 - 2014-09-22 09:52 - 00000000 ____D () C:\Users\Chris\Documents\2014-09-22 Datensicherung Fotos iPhone ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-22 21:37 - 2010-06-17 07:32 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-22 21:37 - 2010-06-17 07:32 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-22 21:28 - 2009-07-14 06:45 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-22 21:28 - 2009-07-14 06:45 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-22 21:27 - 2013-02-28 20:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-22 21:25 - 2010-06-17 07:24 - 01166926 _____ () C:\Windows\WindowsUpdate.log 2014-10-22 21:19 - 2014-03-02 18:08 - 00045764 _____ () C:\Windows\PFRO.log 2014-10-22 21:19 - 2014-03-02 18:08 - 00011671 _____ () C:\Windows\setupact.log 2014-10-22 21:19 - 2010-03-26 00:17 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-10-22 21:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-22 21:10 - 2013-07-21 03:05 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3461466893-888975716-1916642457-1001UA.job 2014-10-22 18:51 - 2010-09-20 21:06 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2939C52E-8CED-4836-BCA9-A203DC71A142} 2014-10-21 21:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-10-21 16:35 - 2010-09-20 20:57 - 00000000 ____D () C:\Users\Chris 2014-10-17 20:48 - 2009-07-14 06:45 - 00315136 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-17 20:45 - 2014-05-06 22:46 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-16 21:43 - 2013-08-15 22:54 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 21:37 - 2010-09-20 21:48 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-08 16:31 - 2010-06-17 17:19 - 00699682 _____ () C:\Windows\system32\perfh007.dat 2014-10-08 16:31 - 2010-06-17 17:19 - 00149790 _____ () C:\Windows\system32\perfc007.dat 2014-10-08 16:31 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-07 20:57 - 2011-10-06 23:48 - 00000000 ____D () C:\Users\Chris\Documents\Bewerbung 2014-10-01 14:39 - 2010-09-20 21:21 - 00000000 ____D () C:\Update 2014-09-30 08:17 - 2010-06-17 07:34 - 00000000 ____D () C:\Program Files\Sony 2014-09-30 08:11 - 2011-04-13 23:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-09-30 08:11 - 2010-03-26 01:44 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-09-30 08:10 - 2010-03-26 00:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-09-30 08:01 - 2014-01-29 15:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-30 07:57 - 2013-02-28 20:27 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-29 08:27 - 2013-01-04 12:20 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-29 08:27 - 2011-12-20 09:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-22 14:26 - 2011-11-07 20:57 - 00000000 ____D () C:\Program Files\Common Files\McAfee Some content of TEMP: ==================== C:\Users\Chris\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Chris\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Chris\AppData\Local\Temp\Quarantine.exe C:\Users\Chris\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-16 21:11 ==================== End Of Log ============================ |
|
23.10.2014, 19:32
| #8 |
| /// the machine /// TB-Ausbilder | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschicktESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
25.10.2014, 09:02
| #9 |
| | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt Hi schrauber, hier die neuen Logs: ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=fd62029ee7b30e41867dea59431fac95
# engine=20756
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-24 11:08:28
# local_time=2014-10-24 01:08:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5124 16777214 100 100 2760097 100563924 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 29881341 165778758 0 0
# scanned=284797
# found=7
# cleaned=0
# scan_time=20418
sh=0FD7F3F732BFBD0956BB319E25F361E2AE6D8F12 ft=1 fh=a33b31cb5f52c3c7 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=28B8FBFB1E9B8AF042DF59553EF38EC3062BD10D ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Chris\AppData\Roaming\AusLogics\Rescue\Sony Maintenance\140131143426801.rsc"
sh=976B9D326B319E764945EE4684AC95B6693E3ED2 ft=1 fh=f607d9e8386e3a49 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Chris\Downloads\mp4-to-mp3-converter-3-0-5.exe"
sh=9F607B0D05103DF3D08A50A26753BBE7106835B1 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="G:\CHRIS-VAIO\Backup Set 2014-07-13 150609\Backup Files 2014-07-13 150609\Backup files 36.zip"
sh=7C10614FB6C97CCFCD58CC0ADA00F2851A982EE7 ft=0 fh=0000000000000000 vn="Variante von Win32/FirseriaInstaller.F evtl. unerwünschte Anwendung" ac=I fn="G:\CHRIS-VAIO\Backup Set 2014-07-13 150609\Backup Files 2014-07-13 150609\Backup files 57.zip"
sh=05D806FDF5122B862C075BBDF0796F59CBBE9725 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="G:\CHRIS-VAIO\Backup Set 2014-07-13 150609\Backup Files 2014-07-13 150609\Backup files 58.zip"
sh=96290590B5B478D3EA4522E8CC915F69C4EA9A76 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="G:\CHRIS-VAIO\Backup Set 2014-07-13 150609\Backup Files 2014-07-13 150609\Backup files 104.zip"
Code:
ATTFilter Results of screen317's Security Check version 0.99.89 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` McAfee Anti-Virus und Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` McAfee SiteAdvisor Java 7 Update 67 Adobe Flash Player 15.0.0.152 Adobe Reader XI Google Chrome 37.0.2062.120 Google Chrome 37.0.2062.124 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe McAfee Online Backup MOBKbackup.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014 Ran by Chris (administrator) on CHRIS-VAIO on 25-10-2014 09:46:17 Running from C:\Users\Chris\Desktop Loaded Profiles: Chris & UpdatusUser (Available profiles: Chris & UpdatusUser) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Microsoft Corporation) C:\Windows\ehome\mcupdate.exe () C:\Program Files\Sony\VAIO Care\listener.exe (Microsoft Corporation) C:\Windows\ehome\ehsched.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-03-17] (Alps Electric Co., Ltd.) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-21] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [316784 2010-01-15] (Sony Corporation) HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [538472 2009-06-17] (Symantec Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2010-01-21] (Sony Corporation) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-02-09] (Brother Industries, Ltd.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-3461466893-888975716-1916642457-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-17] (Google Inc.) HKU\S-1-5-21-3461466893-888975716-1916642457-1001\...\MountPoints2: {faa2d1b3-e211-11e2-803a-f07bcbdfce16} - D:\Setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.) ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.) ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll (McAfee, Inc.) BootExecute: autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVED&bmod=EU01 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKCU - {0166E18D-59B5-46E5-BC35-98170E9AFF8B} URL = hxxp://de.shopping.com/?linkin_id=8056363 SearchScopes: HKCU - {0173D216-15FE-4C55-8059-3FD5417D5B7C} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKCU - {25AC93C8-8AFB-41C2-AE29-951815BFEAA9} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {37838F35-F33B-43FF-966B-6C2F81F29222} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {40FCEB9A-88A3-429D-8D6F-9561273B211F} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}&rlz=1I7SVED_deDE398 SearchScopes: HKCU - {BC2A6D13-9B47-4F6E-A7F1-216142CAD8B2} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {E7DD11D1-255F-4AE5-9338-4EAABADBCC7C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} SearchScopes: HKCU - {FD42AB9D-6DC3-4D09-B759-0BC1BCAED841} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE649&p={SearchTerms} BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Flagfox -> {A02B5E09-122E-4A2D-B996-D997485B8C9E} -> C:\Users\Chris\AppData\LocalLow\Flagfox\IE\Flagfox.dll No File BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Chris\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\Extensions\2020Player_IKEA@2020Technologies.com [2012-04-15] FF Extension: Flagfox - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\Extensions\info@flagfox.net [2012-03-15] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-11-13] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-13] FF Extension: No Name - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\xy1naqif.default\extensions\ffxtlbra@softonic.com [Not Found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR HomePage: Default -> hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=121978d7000000000000002314b77990 CHR StartupUrls: Default -> "https://www.facebook.com/?ref=logo" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05] CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18] CHR Extension: (Google-Suche) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18] CHR Extension: (SiteAdvisor) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2011-02-08] CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30] CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm [2012-03-14] CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-16] CHR HKLM-x32\...\Chrome\Extension: [ildldcbkkbkhnjghnbidklpepakbepnd] - C:\Users\Chris\AppData\LocalLow\Flagfox\CHROME\Flagfox.crx [2014-10-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed] R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.) R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-11-25] (Sonic Solutions) S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-11-25] (Sonic Solutions) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation) S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2010-04-08] (Sony Corporation) [File not signed] S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [852336 2010-03-18] (Sony Corporation) R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed] R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation) S2 FlagfoxUpdater; "C:\Users\Chris\AppData\LocalLow\Flagfox\IE\FlagfoxUpdater.exe" -service [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation) S3 AF9035BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [514144 2009-10-02] (ITETech ) R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-25] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.) R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.) R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-18] () S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2010-09-21] (EnTech Taiwan) S3 TVICHW32; C:\Windows\SysWOW64\DRIVERS\TVICHW32.SYS [29536 2010-09-21] (EnTech Taiwan) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-25 09:45 - 2014-10-25 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-10-25 09:43 - 2014-10-25 09:43 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\Vorlagen 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\Startmenü 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\Lokale Einstellungen 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\Eigene Dateien 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Musik 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Bilder 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Anwendungsdaten 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 _SHDL () C:\Users\TEMP\Anwendungsdaten 2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 ____D () C:\Users\TEMP 2014-10-25 09:43 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-25 09:43 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-10-24 22:49 - 2014-10-24 22:49 - 00000983 _____ () C:\Users\Chris\Desktop\checkup.txt 2014-10-24 20:26 - 2014-10-24 20:27 - 00854448 _____ () C:\Users\Chris\Desktop\SecurityCheck.exe 2014-10-24 07:24 - 2014-10-24 07:24 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-10-24 07:18 - 2014-10-24 07:18 - 02347384 _____ (ESET) C:\Users\Chris\Desktop\esetsmartinstaller_deu.exe 2014-10-22 21:38 - 2014-10-22 21:38 - 00000000 ____D () C:\Users\Chris\Desktop\FRST-OlderVersion 2014-10-22 21:31 - 2014-10-22 21:31 - 00001429 _____ () C:\Users\Chris\Desktop\JRT.txt 2014-10-22 21:26 - 2014-10-22 21:26 - 00000000 ____D () C:\Windows\ERUNT 2014-10-22 21:24 - 2014-10-22 21:24 - 01706144 _____ (Thisisu) C:\Users\Chris\Downloads\JRT.exe 2014-10-22 21:24 - 2014-10-22 21:24 - 01706144 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe 2014-10-22 21:21 - 2014-10-22 21:21 - 00008092 _____ () C:\Users\Chris\Desktop\AdwCleaner.txt 2014-10-22 21:14 - 2014-10-22 21:18 - 00000000 ____D () C:\AdwCleaner 2014-10-22 21:13 - 2014-10-22 21:12 - 01962496 _____ () C:\Users\Chris\Desktop\AdwCleaner_4.001.exe 2014-10-22 21:12 - 2014-10-22 21:12 - 01962496 _____ () C:\Users\Chris\Downloads\AdwCleaner_4.001.exe 2014-10-22 21:10 - 2014-10-22 21:10 - 00024408 _____ () C:\Users\Chris\Desktop\mbam.txt 2014-10-22 20:43 - 2014-10-25 09:41 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-22 20:42 - 2014-10-22 20:42 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-22 20:42 - 2014-10-22 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-22 20:42 - 2014-10-22 20:42 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-22 20:42 - 2014-10-22 20:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-22 20:42 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-22 20:42 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-22 20:42 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-22 20:39 - 2014-10-22 20:39 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Chris\Downloads\mbam-setup-2.0.3.1025.exe 2014-10-21 17:59 - 2014-10-21 17:57 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Desktop\tdsskiller.exe 2014-10-21 17:57 - 2014-10-21 17:57 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Downloads\tdsskiller.exe 2014-10-21 16:40 - 2014-10-21 16:41 - 00050327 _____ () C:\Users\Chris\Desktop\Addition.txt 2014-10-21 16:38 - 2014-10-25 09:46 - 00028804 _____ () C:\Users\Chris\Desktop\FRST.txt 2014-10-21 16:38 - 2014-10-25 09:46 - 00000000 ____D () C:\FRST 2014-10-21 16:37 - 2014-10-22 21:38 - 02112000 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe 2014-10-21 16:35 - 2014-10-21 16:35 - 00000472 _____ () C:\Users\Chris\Desktop\defogger_disable.log 2014-10-21 16:35 - 2014-10-21 16:35 - 00000000 _____ () C:\Users\Chris\defogger_reenable 2014-10-21 16:34 - 2014-10-21 16:34 - 00050477 _____ () C:\Users\Chris\Downloads\Defogger.exe 2014-10-21 16:34 - 2014-10-21 16:34 - 00050477 _____ () C:\Users\Chris\Desktop\Defogger.exe 2014-10-21 14:53 - 2014-10-21 18:02 - 00024731 _____ () C:\Users\Chris\Documents\Lasagne Rezept.odt 2014-10-16 19:37 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-16 19:37 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-10-16 19:37 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-10-16 19:37 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-10-16 19:37 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-10-16 19:37 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-10-16 19:37 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-10-16 19:37 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-10-16 19:37 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-10-16 19:37 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-10-16 19:37 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-10-16 19:37 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-16 19:37 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-16 19:37 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-16 19:37 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-16 19:37 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-16 19:37 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-16 19:36 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-16 19:36 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-16 19:36 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-16 19:36 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-16 19:36 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-16 19:36 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-16 19:36 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-16 19:36 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-16 19:36 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-16 19:36 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-16 19:36 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-16 19:36 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-16 19:36 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-16 19:36 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-16 19:36 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-16 19:36 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-16 19:36 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-16 19:36 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-16 19:36 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-16 19:36 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-16 19:36 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-16 19:36 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-16 19:36 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-16 19:36 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-16 19:36 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-16 19:36 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-16 19:36 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-16 19:36 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-16 19:36 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-16 19:36 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-16 19:36 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-16 19:36 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-16 19:36 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-16 19:36 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-16 19:36 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-16 19:36 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-16 19:36 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-16 19:36 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-16 19:36 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-16 19:36 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-16 19:36 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-16 19:36 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-16 19:36 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-16 19:36 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-16 19:36 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-16 19:36 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-16 19:36 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-16 19:36 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-16 19:36 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-16 19:36 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-16 19:36 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-16 19:36 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-16 19:36 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-16 19:36 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-16 19:36 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-16 19:36 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-16 19:36 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-16 19:36 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-16 19:36 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-16 19:33 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-16 19:33 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-16 19:32 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-16 19:32 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-16 19:32 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-16 19:32 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-16 19:32 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-16 19:32 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-16 19:32 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-16 19:32 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-16 19:32 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-16 19:32 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-16 19:32 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-16 19:32 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-16 19:32 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-16 19:32 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-16 19:32 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-16 19:32 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-16 19:32 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-15 11:03 - 2014-10-15 11:03 - 00000418 _____ () C:\Users\Chris\Downloads\GDA-ORGAcheck 15-10-2014 (1).gda 2014-10-15 11:02 - 2014-10-15 11:02 - 00000418 _____ () C:\Users\Chris\Downloads\GDA-ORGAcheck 15-10-2014.gda 2014-10-01 14:48 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-01 14:48 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-30 08:10 - 2014-09-30 08:10 - 00001141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk 2014-09-29 08:02 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-29 08:02 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-25 09:43 - 2010-09-20 21:06 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2939C52E-8CED-4836-BCA9-A203DC71A142} 2014-10-25 09:40 - 2014-03-02 18:08 - 00011839 _____ () C:\Windows\setupact.log 2014-10-25 09:40 - 2010-06-17 07:32 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-25 09:40 - 2010-03-26 00:17 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-10-25 09:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-24 22:51 - 2010-06-17 07:24 - 01241052 _____ () C:\Windows\WindowsUpdate.log 2014-10-24 22:37 - 2010-06-17 07:32 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-24 22:27 - 2013-02-28 20:27 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-24 21:10 - 2013-07-21 03:05 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3461466893-888975716-1916642457-1001UA.job 2014-10-24 07:22 - 2010-06-17 17:19 - 00699682 _____ () C:\Windows\system32\perfh007.dat 2014-10-24 07:22 - 2010-06-17 17:19 - 00149790 _____ () C:\Windows\system32\perfc007.dat 2014-10-24 07:22 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-24 07:13 - 2009-07-14 06:45 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-24 07:13 - 2009-07-14 06:45 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-22 21:19 - 2014-03-02 18:08 - 00045764 _____ () C:\Windows\PFRO.log 2014-10-21 21:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-10-21 16:35 - 2010-09-20 20:57 - 00000000 ____D () C:\Users\Chris 2014-10-17 20:48 - 2009-07-14 06:45 - 00315136 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-17 20:45 - 2014-05-06 22:46 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-16 21:43 - 2013-08-15 22:54 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 21:37 - 2010-09-20 21:48 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-07 20:57 - 2011-10-06 23:48 - 00000000 ____D () C:\Users\Chris\Documents\Bewerbung 2014-10-01 14:39 - 2010-09-20 21:21 - 00000000 ____D () C:\Update 2014-09-30 08:17 - 2010-06-17 07:34 - 00000000 ____D () C:\Program Files\Sony 2014-09-30 08:11 - 2011-04-13 23:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-09-30 08:11 - 2010-03-26 01:44 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-09-30 08:10 - 2010-03-26 00:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-09-30 08:01 - 2014-01-29 15:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-30 07:57 - 2013-02-28 20:27 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-29 08:27 - 2013-01-04 12:20 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-29 08:27 - 2011-12-20 09:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP: ==================== C:\Users\Chris\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Chris\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Chris\AppData\Local\Temp\Quarantine.exe C:\Users\Chris\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-16 21:11 ==================== End Of Log ============================ Ob ich noch Probleme habe? Keine Ahnung... Mein Problem waren die scheinbar von meinem Yahoo Account verschickten Spams. Habe zumindest keine weiteren Hinweise über neue Spams erhalten. Haben die Scans denn irgendeinen Plagegeist gefunden, der für mein Problem verantwortlich gewesen sein könnte? Gruß Chris |
|
25.10.2014, 19:08
| #10 |
| /// the machine /// TB-Ausbilder | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt Da war überwiegend nur Adware drauf. Ich denke eher das Konto wurde einfach gehackt. AUf jeden Fall Passwort ändern. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.11.2014, 22:05
| #11 |
| | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt Hallo Schrauber, sorry für die späte Rückmeldung. Es scheint vorerst alles ok zu sein. Danke für Deine Mühe, für die schnelle Unterstützung und für die Tipps. LG Chris |
|
13.11.2014, 17:16
| #12 |
| /// the machine /// TB-Ausbilder | Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7, von meinem Yahoo Account werden scheinbar Spam-Mails verschickt |
| canon, dvdvideosoft ltd., fehlercode 0x81000006, fehlercode 0xc0000005, fehlercode 0xe0434352, fehlercode windows, mcafee firewall, pup.optional.opencandy, pup.optional.opencandy.a, pup.optional.softonic.a, pup.optional.softtonic.a, pup.optional.solimba, pup.optional.systemspeedup, win32/downloadsponsor.a, win32/firseriainstaller.f, win32/toolbar.montiera.i, win64/systweak.a, wscript.exe |
Linear-Darstellung
